The Lookout Threat Intelligence team has discovered four Android surveillanceware tools, which are used to target the Uyghur ethnic minority group. his research indicates that these four interconnected malware tools are elements of much larger mAPT (mobile advanced persistent threat)campaigns that have been active for years. Although there is evidence that the campaigns have been active since at least 2013, Lookout researchers have been monitoring the surveillanceware families — SilkBean, DoubleAgent, CarbonSteal and GoldenEagle — as far back as 2015.
The mAPT threat actors behind this activity possess a mobile arsenal containing at least four other Android surveillance tools publicly known as HenBox1, PluginPhantom2, Spywaller3and DarthPusher4. By examining the surveillanceware apps, their signing certificates and supporting command and control (C2) infrastructure, Lookout discovered connections between these malware tools and the actors behind them which Lookout detail in this report.
Subscribe to:
Post Comments (Atom)
Moody’s Highlights Rising Banking Sector Risks Amid AI Cyber Warfare
Moody’s Warns AI Cyber Arms Race Is Escalating Risks for Banks Advanced AI Is Reshaping the Cybersecurity Battlefield The emergence of fro...
-
New Phishing Campaign Exploits Link Wrapping to Target Microsoft 365 Users Cybercriminals are leveraging trusted security tools like Proo...
-
Ingram Micro Faces 3.5TB Data Leak Threat from SafePay Ransomware Group Some regional websites still recovering as threat actors set Augu...
-
https://www.securityweek.com VMware Urges Immediate Updates for Critical Cloud and Virtualization Vulnerabilities Broadcom-owned VMware is...

No comments:
Post a Comment