Security News

The latest twist is ransomware targeting Android devices disguised as a legitimate download of the new open-world game. New Android #Ransomware disguised as #Cyberpunk2077 game.

As many as 25 private companies - including the Israeli company NSO Group and the Italian firm Hacking Team - have sold surveillance software to Mexican federal and state police forces, but there is little or no regulation of the sector - and no way to control where the spyware ends up, said the officials. The cyberweapons arms business is immoral in many ways.

New spyware is targeting iOS and Android frequenters of adult mobile sites by posing as a secure messaging application in yet another twist on sextortionist scams. The spyware, dubbed Goontact, targets users of escort-service sites and other sex-oriented services - particularly in Chinese-speaking countries, Korea and Japan, according to research published by Lookout Threat Intelligence on Wednesday.

An extortion campaign targeting Chinese, Korean, and Japanese speakers recently started using a new piece of spyware, mobile security firm Lookout reported on Wednesday. The campaign is focused on infecting iOS and Android of illicit sites, such as those offering escort services, in order to steal personal information, likely with the intent to blackmail or extort victims.

Israeli spyware maker NSO Group has taken a leaf out of Hollywood in an attempt to avoid any legal repercussions from making and selling tools that hack WhatsApp users' phones. When NSO failed to turn up in court in the US state, Facebook claimed victory; and NSO accused it of lying and having failed to serve the legal documents.

The attacks, which targeted IP-addresses belonging to internet service providers in Australia, Israel, Russia, and defense contractors based in Russia and India, involved a previously undiscovered spyware tool called Torisma to stealthily monitor its victims for continued exploitation. Tracked under the codename of "Operation North Star" by McAfee researchers, initial findings into the campaign in July revealed the use of social media sites, spear-phishing, and weaponized documents with fake job offers to trick employees working in the defense sector to gain a foothold on their organizations' networks.

A week after the US government issued an advisory about a "Global intelligence gathering mission" operated by North Korean state-sponsored hackers, new findings have emerged about the threat group's spyware capabilities. The APT - dubbed "Kimsuky" and believed to be active as early as 2012 - has been now linked to as many as three hitherto undocumented malware, including an information stealer, a tool equipped with malware anti-analysis features, and a new server infrastructure with significant overlaps to its older espionage framework.

Kaspersky security researchers have identified versions of the GravityRAT spyware that are targeting Android and macOS devices. In a report published on Monday, Kaspersky reveals that the malware's authors have invested a lot into making their tool cross-platform, and that, as part of an ongoing campaign, both Android and macOS are now being targeted, in addition to Windows.

The criminals behind GravityRAT spyware have rolled out new macOS and Android variants for the first time. Kaspersky researchers spotted updated GravityRAT code indicating an overhaul of the the malware.

German prosecutors said Wednesday that authorities have searched 15 premises linked to spyware maker FinFisher as part of a probe into allegations the Munich-based company broke export laws by selling its products to authoritarian governments. Munich prosecutors opened an investigation into the company last year following complaints from human rights groups, which alleged FinFisher had supplied Turkey with software that could be used to spy on dissidents in the country.