ESET catches spyware posing as Telegram, Android messaging apps

A hacking group that typically spies on targets in the Middle East has updated its malware and is distributing it through bogus versions of popular messaging apps such as Telegram, researchers say. The malware has been circulating since May 2019, according to Slovakia-based antivirus company ESET, which identified it in collaboration with researchers at MalwareHunterTeam. ESET does not speculate about the intentions of the group, known as APT-C-23 or Two-tailed Scorpion, but in 2017 and 2018, other researchers linked it to the Palestinian organization Hamas. In most cases, victims are infected by visiting a fake app store, “DigitalApps,” containing both clean and malicious software, ESET said in findings published Wednesday. The malware was hidden in apps posing as Telegram, another messaging platform, Threema, and a utility labeled as AndroidUpdate. Users who downloaded the two messaging apps had the apps’ full functionality, but also were infected with malware, ESET says. By impersonating an encrypted […]

The post ESET catches spyware posing as Telegram, Android messaging apps appeared first on CyberScoop.


Google Play Boots Three Malicious Apps From Marketplace Tied to APTs

Researchers said three apps used to surveil Middle East targets were booted from the Google Play marketplace.

Hamas-linked spyware targeting Palestinians removed from Google Play store

A hacking group which analysts believe is linked to Hamas successfully placed highly targeted surveillanceware in the Google Play Store in order to spy on Palestinian targets, according to new research from the mobile security firm Lookout. The newly identified malware, known as Desert Scorpion, was deployed against over 100 individuals of interest in Palestine. A similar 2017 campaign from the same “highly active” group, dubbed APT-C-23. The group has been linked to Hamas’s political rivals as well as government employees, security services and university students. Desert Scorpion has been tied to a 2017 campaign, known as Frozen Cell, by reuse of the same social media profiles to promote the malware as well as infrastructure using similar IP blocks. APT-C-23 has been active since at least 2015 when U.S. cybersecurity firms Palo Alto Networks and ThreatConnect identified a campaign by the group targeting the United States, Israel, Palestinian Territories and Egypt. The malware allows its users to steal data from […]

The post Hamas-linked spyware targeting Palestinians removed from Google Play store appeared first on CyberScoop.


‘Highly active’ Hamas-linked hackers found spying on Palestinian political group

A “highly active” group of hackers, which some analysts believe may be linked to Hamas, are spying on Palestinian government employees, security services, university students and Fatah party politicians by infecting smartphones with malware, according to research conducted by mobile security firm Lookout. The espionage campaign is part of a broader effort by the hacker group, previously dubbed “Two-tailed Scorpion” by security researchers, to remotely collect information about Palestinians related in some way to the political process, including those individuals who may discuss, share or otherwise receive sensitive material on their mobile phones. Fatah and Hamas represent the two largest political parties of the State of Palestine, a contested territory that spans two separate areas, the West Bank and Gaza Strip — bordering on Israel, Jordan and Egypt. The two political organizations continuously clash with one another to control the state. Between 2006 and 2007, their rivalry led to an armed conflict […]

The post ‘Highly active’ Hamas-linked hackers found spying on Palestinian political group appeared first on CyberScoop.
