Android devices targeted by novel SandStrike spyware - SC Media

Android devices are being compromised with the caller SandStrike spyware distributed done a malicious VPN app, BleepingComputer reports. Social media accounts are being leveraged by menace actors to people Persian-speaking practitioners of the Bah Faith, a study from Kaspersky revealed. "To lure victims into downloading spyware implants, the SandStrike adversaries acceptable up Facebook and Instagram accounts with much than 1,000 followers and designed charismatic religious-themed materials, mounting up an effectual trap for adherents of this belief. Most of these societal media accounts incorporate a nexus to a Telegram transmission besides created by the attacker," said Kaspersky. Aside from exfiltrating telephone logs and interaction lists, SandStrike could besides show Android instrumentality activity, the study added. While SandStrike is yet to beryllium pinned to a circumstantial menace actor, different Kaspersky study showed that Exchange servers successful the Middle East susceptible to ProxyLogon vulnerabilities are being targeted with the caller FramedGolf backdoor. "The malware has been utilized to compromise astatine slightest a twelve organizations, starting successful April 2021 astatine the latest, with astir inactive compromised successful precocious June 2022," Kaspersky added.