Security News

The developers behind the Android malware have a new variant that spies on instant messages in WhatsApp, Telegram, Skype and more. In tandem with the sanctions, the FBI released a public threat analysis report that investigated several tools used by Rana Corp. Researchers recently conducted further analysis of one of these malware samples and found that its latest variant showcases several new commands that point to the threat actors sharpening their surveillance capabilities.

Israeli spyware maker NSO Group has taken a leaf out of Hollywood in an attempt to avoid any legal repercussions from making and selling tools that hack WhatsApp users' phones. When NSO failed to turn up in court in the US state, Facebook claimed victory; and NSO accused it of lying and having failed to serve the legal documents.

Konstantin Vishnyak, 42, was cleared by Southwark Crown Court in London, England, of destroying documents relevant to a now-discontinued investigation into insider trading. It was reported that Vishnyak, formerly of VTB Capital, deleted the app and messages from his iPhone - one of two handsets he gave to police - not out of fear of an investigation into insider trading, but rather in an effort to conceal his friendship with Andrei Lugovoi, the Russian politician wanted in connection with the polonium poisoning of Alexander Litvinenko in 2006.

Researchers say they have uncovered a new Android spyware variant with an updated command-and-control communication strategy and extended surveillance capabilities that snoops on social media apps WhatsApp and Telegram. APT-C-23 is known to utilize both Windows and Android components, and has previously targeted victims in the Middle East with apps in order to compromise Android smartphones.

Facebook-owned WhatsApp has fixed six previously undisclosed vulnerabilities in its chat platform, revealing the move on a new dedicated security advisory site aimed at informing its more than 2 million users about bugs and keeping them updated on app security. The site is part of an effort by WhatsApp to be more transparent about platform vulnerabilities to not just users, but also the security community, and patch them in a timely manner.

The Iran-affiliated APT known as Charming Kitten is back with a new approach, impersonating Persian-speaking journalists via WhatsApp and LinkedIn, in order to con victims into opening malicious links. To lend verisimilitude to their impersonations, the cybercriminals also set up fake LinkedIn profiles corresponding to the journalists' names, and have been sending out LinkedIn messages to corner victims as well.

The hackers used a personalized URL, tailored to the victim's email address, to trick them into accessing the malicious link, and also attempted to send a malicious ZIP file to the victim. "Clearsky alerted 'Deutsche Welle' about the impersonation and the watering hole in their website. A 'Deutsche Welle' representative confirmed that the reporter which Charming Kitten impersonated, did not send any emails to the victim nor any other academic researcher in Israel in the past few weeks," the security firm says.

Facebook's lawsuit against NSO Group over alleged spying on WhatsApp users will be allowed to go forward. WhatsApp-owner Facebook is alleging that NSO Group exploited a vulnerability in WhatsApp to deploy its spyware against human rights activists, journalists and political dissidents.

Facebook won a significant legal victory on Thursday when the judge hearing the lawsuit against Israeli spyware maker NSO Group declined to dismiss the case - and allowed the crucial discovery process to move forward. Last October, Facebook and its WhatsApp subsidiary sued NSO Group, and its Q Cyber Technologies affiliate, in the Northern District of California.

An infosec researcher reckons Whatsapp was a bit too quick off the mark to blame its users when hundreds of thousands of phone numbers, names and profile pictures were found to be easily accessible via Google. Athul Jayaram, a self-described "Full time bug bounty hunter", published a blog post earlier this week highlighting that a large number of Whatsapp users' mobile numbers could easily be found by searching Google for the domain "Wa.me".