Google Uncovers more Details on Spanish-made Spyware that Targeted UAE Users

[harlan4096]

It looks like Google is inching close to finding the hackers that used Spyware made in Spain to target UAE users with Variston’s tools.

Google discovered a new spyware tool causing havoc on Android and Chrome systems in November 2022, which they later realized was called Variston. While developers based in Spain made the spyware software, investigators have uncovered that it’s mostly being used by hackers in the United Arab Emirates to target users.



Google’s Threat Analysis Group (TAG) presented a report on its findings yesterday. Feel free to read through it, but one part caught my attention. One of the tracked campaigns by the hackers is called “Your missed parcel included 0-days (CVE-2022-42856; CVE-2022-4135)”. While it states that it mostly targeted users in the UAE, I’m here to let them know it’s happening elsewhere too, namely in South Africa.

Many of us have seen messages like this. I’ve just been ignoring them, as I know notifications about missed parcels are scams. How the campaign works is that you receive that message with a link to where you can see the progress of your parcel. If you happen to click on it, you head to a site that contains the Variston spyware.

From there, it’s on your device and browser, watching you enter your accounts and capturing information. The other campaign targets Samsung browsers, which sends you tons of fake notifications.

You can also read more about the spyware details from Amnesty International’s Security Lab, which is the group responsible for discovering the hacker activities. While they haven’t caught the culprits yet, they at least have an idea of how many there are and where they are located. 

Here’s hoping that’s enough information to eventually catch and stop them.  Until then, make sure you don’t open suspicious links. I suppose I should do my part and let Google know it’s happening here, too.
...

Continue Reading