State-sponsored Iranian hackers uploaded fake VPN app to Google’s Play store, posed as university officials
Suspected government-backed hackers from Iran have used an array of techniques, from password theft to uploading a fake app to a prominent app marketplace, to try gathering intelligence from targets over the past year, Google said in a bulletin published Thursday. The espionage group APT35, also known as Charming Kitten, last year successfully uploaded to Google’s Play Store an app that masqueraded as a virtual private network service, claiming the tool would safeguard user data. In fact, the apparent VPN program functioned as spyware, collecting call logs, text messages, contacts and location data from affected devices. Google said in an Oct. 14 update that it detected the program “quickly” and removed it before any downloads occurred. The surveillance app marks an update to existing APT 35 tactics. The group is best known for reportedly targeting email accounts associated with former President Donald Trump’s election campaign in 2020 and espionage around […]
The post State-sponsored Iranian hackers uploaded fake VPN app to Google’s Play store, posed as university officials appeared first on CyberScoop.