The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: mobile spyware

Powerful FinSpy Spyware Found Targeting iOS and Android Users in Myanmar

Powerful FinSpy Spyware Found Targeting iOS and Android Users in Myanmar
July 10, 2019Swati Khandelwal
One of the most powerful, infamous, and advanced piece of government-grade commercial surveillance spyware dubbed FinSpy —also known as FinFisher —has been discovered in the wild targeting users in Myanmar. Created by German company Gamma International, FinSpy is spying software that can target various mobile platforms including iOS and Android, we well as desktop operating systems. Gamma Group reportedly sells its controversial FinSpy espionage tool exclusively to government agencies across the world, but also gained notoriety for targeting human rights activists in many countries. The FinSpy implant is capable of stealing an extensive amount of personal information from targeted mobile devices, such as SMS/MMS messages, phone call recordings, emails, contacts, pictures, files, and GPS location data. In its latest report published today, Kaspersky researchers revealed a cyber-espionage campaign that involves targeting Myanmar users with the latest versions of FinSpy impl

Hackers Used WhatsApp 0-Day Flaw to Secretly Install Spyware On Phones

Hackers Used WhatsApp 0-Day Flaw to Secretly Install Spyware On Phones
May 13, 2019Swati Khandelwal
Whatsapp has recently patched a severe vulnerability that was being exploited by attackers to remotely install surveillance malware on a few "selected" smartphones by simply calling the targeted phone numbers over Whatsapp audio call. Discovered, weaponized and then sold by the Israeli company NSO Group that produces the most advanced mobile spyware on the planet, the WhatsApp exploit installs Pegasus spyware on to Android and iOS devices. According to an advisory published by Facebook, a buffer overflow vulnerability in WhatsApp VOIP stack allows remote attackers to execute arbitrary code on target phones by sending a specially crafted series of SRTCP packets. Apparently, the vulnerability, identified as CVE-2019-3568 , can successfully be exploited to install the spyware and steal data from a targeted Android phone or iPhone by merely placing a WhatsApp call, even when the call is not answered. Also, the victim would not be able to find out about the intrusion af

New FaceTime Bug Lets Callers Hear and See You Without You Picking Up

New FaceTime Bug Lets Callers Hear and See You Without You Picking Up
January 28, 2019Swati Khandelwal
If you own an Apple device, you should immediately turn OFF FaceTime app for a few days. A jaw-dropping unpatched privacy bug has been uncovered in Apple's popular video and audio call app FaceTime that could let someone hear or see you before you even pick up your call. The bug is going viral on Twitter and other social media platforms with multiple users complaining of this privacy issue that can turn any iPhone into an eavesdropping device without the user's knowledge. The Hacker News has tested the bug on iPhone X running the latest iOS 12.1.2 and can independently confirm that it works, as flagged by 9to5Mac on Monday. We were also able to replicate the bug by making a FaceTime call to a MacBook running macOS Mojave. Here's How Someone Can Spy On You Using FaceTime Bug The issue is more sort of a designing or logical flaw than a technical vulnerability that resides in the newly launched Group FaceTime feature. Here's how one can reproduce the bug:

New Android Malware Framework Turns Apps Into Powerful Spyware

New Android Malware Framework Turns Apps Into Powerful Spyware
August 23, 2018Swati Khandelwal
Security researchers have uncovered a new, powerful Android malware framework that is being used by cybercriminals to turn legitimate apps into spyware with extensive surveillance capabilities—as part of what seems to be a targeted espionage campaign. Legitimate Android applications when bundled with the malware framework, dubbed Triout, gain capabilities to spy on infected devices by recording phone calls, and monitoring text messages, secretly stealing photos and videos, and collecting location data—all without users' knowledge. The strain of Triout-based spyware apps was first spotted by the security researchers at Bitdefender on May 15 when a sample of the malware was uploaded to VirusTotal by somebody located in Russia, but most of the scans came from Israel. In a white paper (PDF) published Monday, Bitdefender researcher Cristofor Ochinca said the malware sample analyzed by them was packaged inside a malicious version of an Android app which was available on Google Pla

NSO Spyware Targets Saudi Human Rights Activists and Researchers

NSO Spyware Targets Saudi Human Rights Activists and Researchers
August 01, 2018Swati Khandelwal
Amnesty International, one of the most prominent non-profit human rights organizations in the world, claims one of its staff members has been targeted by a sophisticated surveillance tool made by Israel's NSO Group. The NSO Group is an Israeli firm that's mostly known for selling high-tech spyware and surveillance malware capable of remotely cracking into Apple's iPhones and Google's Android devices to intelligence apparatuses, militaries, and law enforcement around the world. The company's most powerful spyware called Pegasus for iPhone , Android , and other mobile devices has previously been used to target human rights activists and journalists, from Mexico to the United Arab Emirates. Pegasus has been designed to hack mobile phones remotely, allowing an attacker to access an incredible amount of data on a target victim, including text messages, emails, WhatsApp messages , user's location, microphone, and camera —all without the victim's knowl

Skygofree — Powerful Android Spyware Discovered

Skygofree — Powerful Android Spyware Discovered
January 16, 2018Mohit Kumar
Security researchers have unveiled one of the most powerful and highly advanced Android spyware tools that give hackers full control of infected devices remotely. Dubbed Skygofree , the Android spyware has been designed for targeted surveillance, and it is believed to have been targeting a large number of users for the past four years. Since 2014, the Skygofree implant has gained several novel features previously unseen in the wild, according to a new report published by Russian cybersecurity firm Kaspersky Labs. The 'remarkable new features' include location-based audio recording using device's microphone, the use of Android Accessibility Services to steal WhatsApp messages, and the ability to connect infected devices to malicious Wi-Fi networks controlled by attackers. Skygofree is being distributed through fake web pages mimicking leading mobile network operators, most of which have been registered by the attackers since 2015—the year when the distribution ca

Mexican Govt. Allegedly Used Spyware Against Journalists, Activists & A Child

Mexican Govt. Allegedly Used Spyware Against Journalists, Activists & A Child
June 19, 2017Swati Khandelwal
After the disclosure of sophisticated global espionage and disinformation campaign aimed to discredit enemies of the state, Citizen Lab researchers exposed the dirty game of the Mexican government and its politics. The report — " Government Spy: Systematic monitoring of journalists and human rights defenders in Mexico " — published by Citizen Lab today revealed how the Mexican government used advanced spyware tools purchased from the NSO Group to target the country's most prominent human rights lawyers, anti-corruption activists, and journalists. The NSO Group, an Israel-based company that produces the most advanced mobile spyware on the planet, sold the tool to governments with an explicit agreement that it should be used only to fight terrorists or criminal groups that have long kidnapped and killed Mexicans. But, the Mexican government targets include: Lawyers looking into the case of 43 Students disappeared in September 2014 from the town of Iguala. Two

Verizon to pre-install a 'Spyware' app on its Android phones to collect user data

Verizon to pre-install a 'Spyware' app on its Android phones to collect user data
March 30, 2017Mohit Kumar
If the death of online privacy rules wasn't enough for Internet Service Providers and advertisers to celebrate, Verizon has planned to pre-install spyware on customers' Android devices in order to collect their personal data. The telecom giant has partnered with Evie Launcher to bring a new application called ' AppFlash ' — a universal search bar that will come pre-installed on the home screens of all Verizon Android handsets for quickly finding apps and web content. AppFlash is simply a Google search bar replacement, but instead of collecting and sending telemetry data including what you search, handset, apps and other online activities to Google, it will send to Verizon. What's worse? Just like other pre-installed bloatware apps, Android users can't uninstall AppFlash quickly, unless they have rooted their phone. AppFlash allows you to search inside apps or browse through listings of nearby restaurants and entertainment. The built-in Google Search

Hackers Are Using Android Malware To Spy On Israeli Military Personnel

Hackers Are Using Android Malware To Spy On Israeli Military Personnel
February 17, 2017Mohit Kumar
A group of highly sophisticated state-sponsored hackers is spying on the Israeli military by hacking into the personal Android phones of individual soldiers to monitor their activities and steal data. A newly released research by Lookout and Kaspersky suggests that more than 100 Israeli servicemen from the Israeli Defense Force (IDF) are believed to have been targeted with spyware. Dubbed ViperRAT , the malware has specifically been designed to hijack Israeli soldiers' Android-based smartphones and remotely exfiltrate data of high value, including photos and audio recordings, directly from the compromised devices. Modus Operandi Identified According to the security firms, IDF personnel had been compromised by social engineering techniques — where the soldiers were lured via Facebook Messenger and other social networks into entering communications with hackers who posed as attractive women from various countries like Canada, Germany, and Switzerland. The soldiers were th

Apple releases 'Emergency' Patch after Advanced Spyware Targets Human Rights Activist

Apple releases 'Emergency' Patch after Advanced Spyware Targets Human Rights Activist
August 25, 2016Swati Khandelwal
Apple has released iOS 9.3.5 update for iPhones and iPads to patch three zero-day vulnerabilities after a piece of spyware found targeting the iPhone used by a renowned UAE human rights defender, Ahmed Mansoor. One of the world's most invasive software weapon distributors, called the NSO Group, has been exploiting three zero-day security vulnerabilities in order to spy on dissidents and journalists. The NSO Group is an Israeli firm that sells spying and surveillance software that secretly tracks a target's mobile phone. The zero-day exploits have allowed the company to develop sophisticated spyware tools that can access the device location, contacts, texts, calls logs, emails and even microphone. Apple fixed these three vulnerabilities within ten days after being informed by two security firms, Citizen Lab and Lookout, who conducted a joint investigation. Background Story: Malware Discovery Mansoor, 46, ' Martin Ennals Award ' winner from the United Arab Emirate

Spy Agencies Hijack Google Play Store to Install Spyware on Smartphones

Spy Agencies Hijack Google Play Store to Install Spyware on Smartphones
May 21, 2015Mohit Kumar
I have an Android phone with a five different gmail accounts configured in it. But what if any one of them get compromised via phishing, malware or any other way? The Hacker would be able to access my Google account and obviously Google Play Store account too, which allows anyone to install any Android application remotely into my phone without my knowledge and confirmation… What if someone compromises large number of Google accounts and trigger mass installation of a spying or malware app remotely with just one click???? Yes, this was exactly what the National Security Agency (NSA) had done under its widely spread Global surveillance program. A new top-secret document obtained from the former NSA contractor Edward Snowden revealed that the NSA and its closest allies planned to hijack Google and Samsung app stores to infect smartphones with spyware. The operation was launched by the Network Tradecraft Advancement Team, including spy agents from each of the coun

Researchers Get Trolled by Chinese, Pre-Malwartized Xiaomi Mi4 was Duplicate

Researchers Get Trolled by Chinese, Pre-Malwartized Xiaomi Mi4 was Duplicate
March 09, 2015Swati Khandelwal
Recently a mobile-security firm Bluebox claimed that the brand new Xiaomi Mi4 LTE comes pre-installed with spyware /adware and a " forked " vulnerable version of Android operating system on top of it, however, the company denies the claim. Xiaomi , which is also known as Apple of China, provides an affordable and in-budget smartphones with almost all features that an excellent smartphone provides. On 5th March, when Bluebox researchers claimed to have discovered some critical flaws in Mi4 LTE smartphone, Xiaomi issued a statement to The Hacker News claiming that " There are glaring inaccuracies in the Bluebox blog post " and that they are investigating the matter. RESEARCHERS GET TROLLED BY CHINESE SELLERS Now, Xiaomi responded to Bluebox Labs by preparing a lengthy denial to their claims and said the new Mi4 smartphone purchased by Bluebox team in China (known as the birthplace of fake smartphones) was not an original Xiaomi smartphone but a coun

FBI Arrested CEO of 'StealthGenie' for Selling Mobile Spyware Apps

FBI Arrested CEO of 'StealthGenie' for Selling Mobile Spyware Apps
October 01, 2014Wang Wei
The Federal Bureau of Investigation (FBI) has arrested the CEO of a UK-based company for allegedly advertising and selling a spyware app to individuals who suspect their romantic partners of cheating on them. The dodgy cell phone spyware application, dubbed as StealthGenie , monitors victims' phone calls, text messages, videos, emails and other communications "without detection" when it is installed on a target's phone, according to the Department of Justice. The chief executive officer of a mobile spyware maker is a Pakistani man collared 31-year-old Hammad Akbar , of Lahore, who was arrested over the weekend in Los Angeles for flogging StealthGenie spyware application and now faces a number of federal charges. According to the US Department of Justice, Akbar operates a company called InvoCode, which sold the StealthGenie spyware app online that can intercept communications to and from mobile phones including Apple, Google, and BlackBerry devices. T
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.