Security News > 2021 > September > Experts Uncover Mobile Spyware Attacks Targeting Kurdish Ethnic Group

Experts Uncover Mobile Spyware Attacks Targeting Kurdish Ethnic Group
2021-09-08 05:13

Cybersecurity researchers on Tuesday released new findings that reveal a year-long mobile espionage campaign against the Kurdish ethnic group to deploy two Android backdoors that masquerade as legitimate apps.

Active since at least March 2020, the attacks leveraged as many as six dedicated Facebook profiles that claimed to provide news, two of which were aimed at Android users while the other four shared pro-Kurd content, only to share spying apps on Facebook public groups.

"It targeted the Kurdish ethnic group through at least 28 malicious Facebook posts that would lead potential victims to download Android 888 RAT or SpyNote," ESET researcher Lukas Stefanko said.

The Slovakian cybersecurity firm attributed the attacks to a group it refers to as BladeHawk.

A total of 28 rogue Facebook posts have been identified as part of the latest operation, complete with fake app descriptions and links to download the Android app, from which 17 unique APK samples were obtained.

The Android 888 RAT has been connected to two more organized campaigns - one that involved spyware disguised as TikTok and an information-gathering operation undertaken by the Kasablanca Group.


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/kEn8PHkmMg0/experts-uncover-mobile-spyware-attacks.html