Android devices targeted by novel SandStrike spyware - SC Media

2 years ago 48

Device Security, Malware, Data security, Social engineering

November 2, 2022

Android devices are being compromised with the caller SandStrike spyware distributed done a malicious VPN app, BleepingComputer reports. Social media accounts are being leveraged by menace actors to people Persian-speaking practitioners of the Bah Faith, a study from Kaspersky revealed. "To lure victims into downloading spyware implants, the SandStrike adversaries acceptable up Facebook and Instagram accounts with much than 1,000 followers and designed charismatic religious-themed materials, mounting up an effectual trap for adherents of this belief. Most of these societal media accounts incorporate a nexus to a Telegram transmission besides created by the attacker," said Kaspersky. Aside from exfiltrating telephone logs and interaction lists, SandStrike could besides show Android instrumentality activity, the study added. While SandStrike is yet to beryllium pinned to a circumstantial menace actor, different Kaspersky study showed that Exchange servers successful the Middle East susceptible to ProxyLogon vulnerabilities are being targeted with the caller FramedGolf backdoor. "The malware has been utilized to compromise astatine slightest a twelve organizations, starting successful April 2021 astatine the latest, with astir inactive compromised successful precocious June 2022," Kaspersky added.

SC Staff

play button

Elon Tweets, Microsoft, KELA, Chegg, Overclocking, ConnectWise, & Aaran Leyland – SWN #252

November 1, 2022

This week successful the news, Dr. Doug talks: Elon Tweets, Microsoft, KELA, Chegg, Overclocking, Connectwise, and telephone repairs, on with Aaran Leyland connected the Security Weekly News!

More wide installed malicious Android apps identified

November 2, 2022

BleepingComputer reports 4 malicious Android apps developed by Mobile apps Group with much than a cardinal cumulative downloads successful the Google Play Store person been enabling the theft of delicate accusation done phishing sites and "pay-per-click" gross generation.

Funding circular lands $25M for MedCrypt

November 2, 2022

Medical instrumentality cybersecurity supplier MedCrypt has landed $25 cardinal successful a Series B backing round, bringing full concern to $34 million, successful a bid to amended support healthcare providers from aesculapian device-targeted cyberattacks, according to SiliconAngle.

Read Entire Article