Geeks for your information News Privacy & Security News v
Android Spyware Variant Snoops on WhatsApp, Telegram Messages
Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Android Spyware Variant Snoops on WhatsApp, Telegram Messages
silversurfer Offline
Staff Member
******
Posts: 3,885
Threads: 3,283
Thanks Received: 5,067 in 3,839 posts
Thanks Given: 6,263
Joined: 12 September 18
#1
Information  01 October 20, 17:06 (This post was last modified: 01 October 20, 17:07 by silversurfer.)
Quote:Researchers say they have uncovered a new Android spyware variant with an updated command-and-control communication strategy and extended surveillance capabilities that snoops on social media apps WhatsApp and Telegram.
 
The malware, Android/SpyC32.A, is currently being used in active campaigns targeting victims in the Middle East. It is a new variant of an existing malware operated by threat group APT-C-23 (also known as Two-Tailed Scorpion and Desert Scorpion). APT-C-23 is known to utilize both Windows and Android components, and has previously targeted victims in the Middle East with apps in order to compromise Android smartphones.
“Our research shows that the APT-C-23 group is still active, enhancing its mobile toolset and running new operations,” according to researchers with ESET in a report released Wednesday. “Android/SpyC32.A – the group’s newest spyware version – features several improvements making it more dangerous to victims.”
 
APT-C-23’s activities – including its mobile malware – were first described in 2017 by several security research teams. Meanwhile, the updated version, Android/SpyC23.A, has been in the wild since May 2019 and was first detected by researchers in June 2020.
 
The detected malware samples were disguised as a legitimate messaging app offered through Google Play. The app, called WeMessage, is malicious, researchers said, and uses entirely different graphics and doesn’t seem to impersonate the legitimate app other than by name. Researchers said, this malicious app does not have any real functionality, and only served as bait for installing the spyware.

Researchers also said they don’t know how this fake WeMessage app was distributed. Previous versions of the malware were distributed in apps via a fake Android app store, called the “DigitalApps” store. The fake app store distributed both legitimate apps as well as fake apps posing as AndroidUpdate, Threema and Telegram. However, researchers said that the fake WeMessage app was not on the “DigitalApps” store.

Read more: https://threatpost.com/new-android-spywa...am/159694/
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
GFYI [Official] EaseUS Data Recovery Wi...
Congratulations to a...jAcos — 12:53
GFYI [Official] Wise Video Converter Pr...
Congratulations to a...jAcos — 12:46
Mozilla Firefox 125 brings text highligh...
Mozilla is set to ...harlan4096 — 10:53
AV-Comparatives - Real-World Protection ...
Introduction Th...harlan4096 — 09:14
AV-Comparatives - Malware Protection Tes...
AV-Comparatives - M...harlan4096 — 09:10

[-]
Birthdays
Today's Birthdays
avatar (48)fuspeukChark
avatar (42)werriewWaiNg
avatar (36)Freemanleo
Upcoming Birthdays
avatar (43)wapedDow
avatar (47)oapedDow
avatar (40)Sanchowogy
avatar (42)techlignub
avatar (41)Stevenmam
avatar (48)onlinbah
avatar (49)steakelask
avatar (43)Termoplenka
avatar (41)bycoPaist
avatar (47)pieloKat
avatar (41)ilyagNeexy
avatar (49)donitascene
avatar (49)Toligo
avatar (36)RobertUtelt

[-]
Online Staff
There are no staff members currently online.

>