Updated Furball Android spyware leveraged in new attacks - SC Media

Iranian state-sponsored menace radical Domestic Kitten, besides known arsenic APT-C-50, has deployed the updated FurBall Android spyware successful mobile surveillance campaigns targeted astatine Iranian citizens, BleepingComputer reports. Despite having galore similarities with anterior versions, the caller FurBall malware includes obfuscation and command-and-control updates, according to an ESET report. Fraudulent sites impersonating morganatic ones person been leveraged by Domestic Kitten to dispersed the updated spyware, which has the capableness to bargain instrumentality location, SMS messages, clipboard contents, interaction list, telephone logs, notification contents, instrumentality info, and installed and moving apps. While the malware illustration obtained by ESET lone required contacts and retention media access, it could straight retrieve executable commands from its C2 server. The study besides showed that people names, logs, strings, and server URI paths person been added to FurBall's caller obfuscation layer. Such an obfuscation furniture has made the updated spyware detectable by lone 4 antivirus engines connected VirusTotal, compared with the older mentation being identified by 28 AV engines.