Category Archive malware_blog

[Malware “Agent Smith”] infected 25M Android devices (13/7)

It’s believed the malware originated from a Chinese internet company that helps Chinese Android developers publish and promote their apps in foreign markets. The malware was disguised as Google-related updaters and “vending modules,” which hid its own app icons and automatically replaced already-installed legitimate apps with its own version without the user knowing. This led the researchers to name the malware “Agent Smith” because its behavior is similar to the character in the film The Matrix of the same name.

https://mashable.com/article/agent-smith-android-malware/

[Malware: FinSpy] Spyware dealers spotted in Myanmar (11/7)

A powerful German spyware company had its hacking tools spotted in Myanmar.
The news: One of the oldest private hacking companies around found itself in the spotlight again this week. Gamma Group, a German company that sells spyware to the highest bidder, was discovered by the Russian cybersecurity company Kaspersky within the last year to be spying on dozens of mobile devices in different parts of the world. Last month, Kaspersky found Gamma Group’s FinSpy malware in Myanmar. The hacking tool known as FinSpy, if successful, steals everything from text messages to emails, photos, and GPS data. It also targets secure and encrypted messengers like Signal, WhatsApp, and Telegram. Those apps, often used for their exceptional security against hackers at a distance, offer little protection against malware that’s successfully executed on a target’s phone.

https://www.technologyreview.com/f/613939/spyware-dealers-spotted-in-myanmar/

[Malware] US Cyber Command Hints at Use of Old Outlook Vulnerability in Recent Cyber-Attacks (4/7)

The old Microsoft Outlook vulnerability, which was long patched, is apparently being used in an increasing number of state-backed cybercrime campaigns….

https://www.news18.com/news/tech/us-cyber-command-hints-at-use-of-old-outlook-vulnerability-in-recent-cyber-attacks-2215951.html

[Malware] New MacOS Malware Discovered (4/7)

https://www.darkreading.com/attacks-breaches/new-macos-malware-discovered-/d/d-id/1335135?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

A wave of malware targeting MacOS over the past month has raised the profile of the operating system once advertised as much safer than Windows. The newest attack code for the Mac includes three pieces of malware found in June — a zero-day exploit, a package that includes sophisticated anti-detection and obfuscation routines, and a family of malware that uses the Safari browser as an attack surface.