Tag: spyware
-
SpyX Data Breach Exposes Personal Information of Nearly 2 Million Users
SpyX, a company known for developing spyware, has experienced a data breach that compromised the personal information of nearly 2 million users. As per a report posted by Have I been Pwned, the breach, which occurred on June 24, 2024, exposed a wide array of sensitive data, including email addresses, IP addresses, device information, geographic…
-
WhatsApp fixed zero-day flaw used to deploy Paragon Graphite spyware
WhatsApp fixed a zero-click, zero-day vulnerability used to install Paragon’s Graphite spyware on the devices of targeted individuals. WhatsApp has addressed a zero-click, zero-day vulnerability exploited to install Paragon’s Graphite spyware on the devices of targeted individuals. WhatsApp blocked a spyware campaign by Paragon targeting journalists and civil society members after reports of the Citizen…
-
Data breach at stalkerware SpyX affects close to 2 million, including thousands of Apple users
Another consumer-grade spyware operation was hacked in June 2024, which exposed thousands of Apple Account credentials. First seen on techcrunch.com Jump to article: techcrunch.com/2025/03/19/data-breach-at-stalkerware-spyx-affects-close-to-2-million-including-thousands-of-apple-users/
-
Chinese Group Spreads Android Spyware via Trojan Signal, Telegram Apps
Thousands of devices have become infected with BadBazaar, malware previously used to spy on Uyghur and Turkic ethnic minorities in China. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/china-group-spreads-android-spyware-via-trojan-signal-telegram-apps
-
Amazon is still hosting spyware victims’ data weeks after breach alert
Amazon won’t say if it will stop hosting data from three phone surveillance operations that spilled private data on millions of people. First seen on techcrunch.com Jump to article: techcrunch.com/2025/03/13/amazon-is-still-hosting-stalkerware-victims-data-weeks-after-breach-alert/
-
Android spyware ‘KoSpy’ spread by suspected North Korean APT
First seen on scworld.com Jump to article: www.scworld.com/news/android-spyware-kospy-spread-by-suspected-north-korean-apt
-
North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy
North Korea-linked APT group ScarCruft used a new Android spyware dubbed KoSpy to target Korean and English-speaking users. North Korea-linked threat actor ScarCruft (aka APT37, Reaper, and Group123) is behind a previously undetected Android surveillance tool named KoSpy that was used to target Korean and English-speaking users. ScarCruft has been active since at least 2012, it made the…
-
North Korean Hackers Distributed Android Spyware via Google Play
The North Korea-linked APT37 has been observed targeting Android users with spyware distributed via Google Play. The post North Korean Hackers Distributed Android Spyware via Google Play appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/north-korean-hackers-distributed-android-spyware-via-google-play/
-
Suspected North Korea Group Targets Android Devices with Spyware
A North Korea-backed threat group, APT37, disguised KoSpy as utility apps in Google Play to infect Android devices, using the spyware for such activities as gathering sensitive information, tracking locations, capturing screenshots, recording keystrokes, and accessing files. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/suspected-north-korea-group-targets-android-devices-with-spyware/
-
North Korean Hackers Use Google Play Malware to Steal SMS, Calls Screenshots
Cybersecurity researchers at Lookout Threat Lab have uncovered a sophisticated Android surveillance tool dubbed >>KoSpy,
-
Android apps laced with North Korean spyware found in Google Play
Google’s Firebase platform also hosted configuration settings used by the apps. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/03/researchers-find-north-korean-spy-apps-hosted-in-google-play/
-
New North Korean Android spyware slips onto Google Play
A new Android spyware named ‘KoSpy’ is linked to North Korean threat actors who have infiltrated Google Play and third-party app store APKPure through at least five malicious apps. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-north-korean-android-spyware-slips-onto-google-play/
-
Spyware in bogus Android apps is attributed to North Korean group
A North Korean nation-state group tracked as APT37 or ScarCruft placed infected utilities in Android app stores as part of an espionage campaign, according to researchers at Lookout. First seen on therecord.media Jump to article: therecord.media/north-korea-malware-android-apps-kospy-apt37-scarcruft
-
North Korean government hackers snuck spyware on Android app store
Cybersecurity firm Lookout found several samples of a North Korean spyware it calls KoSpy. First seen on techcrunch.com Jump to article: techcrunch.com/2025/03/12/north-korean-government-hackers-snuck-spyware-on-android-app-store/
-
Catalan court says NSO Group executives can be charged in spyware investigation
The ruling said that a lower court can charge two NSO Group co-founders and a former executive of two affiliate companies for the alleged hacking of a lawyer. First seen on techcrunch.com Jump to article: techcrunch.com/2025/03/05/catalan-court-says-nso-group-executives-can-be-charged-in-spyware-investigation/
-
Catalan court orders former NSO Group executives be indicted for spyware abuses
A provincial court in Barcelona has ordered that three former senior executives at NSO Group, a prominent spyware manufacturer, be indicted for their alleged role in a high-profile hacking scandal in which at least 63 Catalan civil society members were targeted with the company’s surveillance technology. First seen on therecord.media Jump to article: therecord.media/catalan-court-orders-nso-execs-investigated
-
The Trump Administration Is Deprioritizing Russia as a Cyber Threat
Plus: The FBI pins that ByBit theft on North Korea, a malicious app download breaches Disney, spyware targets a priest close to the pope, and more. First seen on wired.com Jump to article: www.wired.com/story/trump-administration-deprioritizing-russia-cyber-threat/
-
LightSpy Expands to 100+ Commands, Increasing Control Over Windows, macOS, Linux, and Mobile
Cybersecurity researchers have flagged an updated version of the LightSpy implant that comes equipped with an expanded set of data collection features to extract information from social media platforms like Facebook and Instagram.LightSpy is the name given to a modular spyware that’s capable of infecting both Windows and Apple systems with an aim to harvest…
-
$1.4 Billion Stolen From ByBit in Biggest Crypto Theft Ever
Plus: Apple turns off end-to-end encrypted iCloud backups in the UK after pressure to install a backdoor, and two spyware apps expose victim data”, and the identities of people who installed the apps. First seen on wired.com Jump to article: www.wired.com/story/1-4-billion-stolen-from-bybit-in-biggest-crypto-theft-ever/
-
Top Polish anti-corruption official resigns amid spyware probe
The head of the Polish government’s anti-corruption bureau resigned under pressure Thursday after officials leading the country’s commission investigating wide-scale spyware abuse criticized her for allegedly withholding information. First seen on therecord.media Jump to article: therecord.media/top-polish-anti-corruption-official-resigns-spyware-probe
-
Spanish spyware startup Mollitiam Industries shuts down
The little-known surveillance vendor filed for bankruptcy in January, after years of peddling spyware to countries like Colombia. First seen on techcrunch.com Jump to article: techcrunch.com/2025/02/19/spanish-spyware-startup-mollitiam-industries-shuts-down/
-
Russian cyberespionage groups target Signal users with fake group invites
QR codes provide a means of phishing Signal users: These features now work by scanning QR codes that contain the cryptographic information needed to exchange keys between different devices in a group or to authorize a new device to an account. The QR codes are actually representations of special links that the Signal application knows…
-
Pegasus spyware infections found on several private sector phones
Mobile security company iVerify says that it discovered about a dozen new infections of the powerful Pegasus spyware on phones mostly used by people in private industry. First seen on therecord.media Jump to article: therecord.media/pegasus-spyware-infections-iverify
-
Italian Privacy Agency Warns Against Unlawful Spyware Use
Use Other Than for Police Purposes Can Invoke Fine Up to 20 Million Euros. The Italian privacy regulator warned against unlawful uses of Graphite spyware following reports of mass hacking campaigns using the tool. The Italian Data Protection Authority published a warning targeting commercial spyware developed by Israeli firm Paragon Solutions. First seen on govinfosecurity.com…
-
An Italian journalist speaks about being targeted with Paragon spyware
Tags: spywareAs an undercover journalist covering Italian politics, Francesco Cancellato is used to reporting on scandals. But he never thought he would be part of the story. First seen on therecord.media Jump to article: therecord.media/italian-journalist-speaks-about-being-targeted-spyware
-
Spyware maker caught distributing malicious Android apps for years
Italian company SIO, which sells to government customers, is behind an Android spyware campaign called Spyrtacus that spoofed popular apps like WhatsApp, per security researchers. First seen on techcrunch.com Jump to article: techcrunch.com/2025/02/13/spyware-maker-caught-distributing-malicious-android-apps-for-years/
-
Barcelona-based spyware startup Variston shuts down, per filing
Variston, a Barcelona-based spyware vendor, has reportedly shut down. Intelligence Online, a trade publication that covers the surveillance and intelligence industry, reports that a legal notice published in Barcelona’s registry on February 10 confirmed that Variston has been liquidated. TechCrunch has also seen the legal notice saying Variston has shuttered. This comes almost exactly a…
-
Barcelona-based spyware startup Variston reportedly shuts down
Variston, a Barcelona-based spyware vendor, is reportedly being liquidated. Intelligence Online, a trade publication that covers the surveillance and intelligence industry, reported that a legal notice published in Barcelona’s registry on February 10 confirmed that Variston has gone into liquidation. This comes almost exactly a year after TechCrunch reported that Variston was in the process…