The Lookout Threat Intelligence team has discovered four Android surveillanceware tools, which are used to target the Uyghur ethnic minority group. his research indicates that these four interconnected malware tools are elements of much larger mAPT (mobile advanced persistent threat)campaigns that have been active for years. Although there is evidence that the campaigns have been active since at least 2013, Lookout researchers have been monitoring the surveillanceware families — SilkBean, DoubleAgent, CarbonSteal and GoldenEagle — as far back as 2015.
The mAPT threat actors behind this activity possess a mobile arsenal containing at least four other Android surveillance tools publicly known as HenBox1, PluginPhantom2, Spywaller3and DarthPusher4. By examining the surveillanceware apps, their signing certificates and supporting command and control (C2) infrastructure, Lookout discovered connections between these malware tools and the actors behind them which Lookout detail in this report.
Lookout discovered Mobile APT Surveillance Campaigns Targeting Uyghurs
Subscribe to:
Post Comments (Atom)
Schneider Electric Confirms Data Theft in Developer Platform Hack
Schneider Electric, a leading French multinational in energy and automation solutions, has confirmed that a cybersecurity incident involvi...
-
DigiCert's Revocation of 83,000 Certificates: A Critical Security Move DigiCert has begun the process of revoking over 83,000 SSL/TLS ...
-
The notorious Craxs Rat malware has recently unleashed its latest version, Update V5, introducing a range of new features and enhancements....
-
In the dark alleys of the internet, a new breed of cybercriminals is quietly perfecting their art. Meet the villains behind the alarming s...
No comments:
Post a Comment