Security News

A new version of the 'FurBall' Android spyware has been found targeting Iranian citizens in mobile surveillance campaigns conducted by the Domestic Kitten hacking group, also known as APT-C-50. The newest FurBall malware version was sampled and analyzed by ESET researchers, who report it has many similarities with earlier versions, but now comes with obfuscation and C2 updates.

Everyone travelling to Qatar during the football World Cup will be asked to download two apps called Ehteraz and Hayya. Briefly, Ehteraz is an covid-19 tracking app, while Hayya is an official World Cup app used to keep track of match tickets and to access the free Metro in Qatar.

The Greek journalist Thanasis Koukakis was spied on by his own government, with a commercial spyware product called "Predator." That product is sold by a company in North Macedonia called Cytrox, which is in turn owned by an Israeli company called Intellexa. The lawsuit filed by Koukakis takes aim at Intellexa and its executive, alleging a criminal breach of privacy and communication laws, reports Haaretz.

A novel Android malware called RatMilad has been observed targeting a Middle Eastern enterprise mobile device by concealing itself as a VPN and phone number spoofing app. The mobile trojan functions as advanced spyware with capabilities that receives and executes commands to collect and exfiltrate a wide variety of data from the infected mobile endpoint, Zimperium said in a report shared with The Hacker News.

Internet snoops have been caught concealing spyware in an old Windows logo in an attack on governments in the Middle East. The Witchetty gang used steganography to stash backdoor Windows malware - dubbed Backdoor.

Internet snoops has been caught concealing spyware in an old Windows logo in an attack on governments in the Middle East. The Witchetty gang used steganography to stash backdoor Windows malware, dubbed Backdoor.

Data-stealing spyware disguised as a banking rewards app is targeting Android users, Microsoft's security team has warned. The Microsoft threat hunters' investigation began after receiving a text message claiming to be from India's ICICI bank's rewards program.

A new wave of a mobile surveillance campaign has been observed targeting the Uyghur community as part of a long-standing spyware operation active since at least 2015, cybersecurity researchers disclosed Thursday. It's worth noting that a part of the campaign was recently disclosed by researchers from the MalwareHunterTeam and Cyble, in which a book written by the exiled Uyghur leader Dolkun Isa was used as a lure to deliver the malware.

A new Iranian state-sponsored hacking group known as APT42 has been discovered using a custom Android malware to spy on targets of interest. The cybersecurity firm has collected enough evidence to determine that APT42 is a state-sponsored threat actor who engages in cyberespionage against individuals and organizations of particular interest to the Iranian government.

A previously undocumented strain of Android spyware with extensive information gathering capabilities has been found disguised as a book likely designed to target the Uyghur community in China. The malware comes under the guise of a book titled "The China Freedom Trap," a biography written by the exiled Uyghur leader Dolkun Isa.