ViperRAT spyware resurfaces in Google Play Store

One year after a hacking campaign targeted Israeli Defense Force soldiers, the ViperRAT malware family returned to the Google Play Store, according to new research from the mobile security firm Lookout. ViperRAT made waves last year after a wave of IDF personnel fell victim to social engineering attacks from hackers posing as young women, who tricked the soldiers into installing third-party apps that copied files and spied on communications. The malware relatively disappeared after intense media coverage, but the new samples look even more sophisticated — so much so that they’ve snuck into the Google Play Store. It’s not clear who is  being targeted or responsible for building the ViperRAT 2.0. The two ViperRAT malicious chat apps (called VokaChat and Chattak) in the Google Play Store were downloaded over 1,000 times before Lookout discovered and Google removed them. “The chat functionality of the apps, which in earlier ViperRAT samples did not function, […]

The post ViperRAT spyware resurfaces in Google Play Store appeared first on Cyberscoop.

Continue reading ViperRAT spyware resurfaces in Google Play Store

Phishing attacks against mobile devices rise 85 percent annually

People can talk about zero-day exploits, IoT botnets and APTs all day long, but often times the simplest approach for attackers remains the most effective. Phishing, which has long been the top attack vector against all manner of targets, is as pervasive and effective as ever. Hackers are increasingly targeting ubiquitous mobile devices and victims are readily falling for it. The rate at which victims are falling for phishing attacks on mobile has increased and average of 85 percent every year since 2011, according to new research from the mobile security company Lookout. “Mobile devices have opened a profitable new window of opportunity for criminals executing phishing attacks,” the researchers wrote. “Attackers are successfully circumventing existing phishing protection to target the mobile device. These attacks are highlighting security shortcomings and exposing sensitive data and personal information at an alarming rate.” The numbers add up. More than ever, internet users’ most important device — for work and personal data […]

The post Phishing attacks against mobile devices rise 85 percent annually appeared first on Cyberscoop.

Continue reading Phishing attacks against mobile devices rise 85 percent annually

Major uptick in mobile phishing URL click rate

In a study of Lookout users, more than half clicked mobile phishing URLs that bypassed existing security controls. Since 2011, Lookout has observed this mobile phishing URL click rate increase 85 percent year-over-year. “Mobile devices have eroded the … Continue reading Major uptick in mobile phishing URL click rate

Researchers uncover mobile, PC surveillance platform tied to different nation-state actors

The Electronic Frontier Foundation (EFF) and mobile security company Lookout have uncovered a new malware espionage campaign that has targeted activists, journalists, lawyers, military personnel, and enterprises in more than 20 countries in North Ameri… Continue reading Researchers uncover mobile, PC surveillance platform tied to different nation-state actors

Hackers linked to Lebanese government caught in global cyber-espionage operation

The General Directorate of General Security, a Lebanese intelligence agency, has been tied to a mobile hacking operation discovered by researchers with cybersecurity firm Lookout Mobile Security and digital rights group Electronic Frontier Foundation (EFF). Lookout and EFF are calling the hacking campaign “Dark Caracal,” in reference to a wild cat native to Africa and the Middle East. The operation was revealed today by the organizations, in which they discovered that hackers are using malicious smartphone applications and websites to steal passwords and eavesdrop on conversations. The organizations shared their discoveries in a 49-page report. The Dark Caracal hackers reportedly used several different email phishing strategies to lace familiar applications and websites, like Twitter, Facebook and WhatsApp, with malware. They also used fake login pages to acquire personal information. Some victims could have even been hacked by clicking on booby- trapped messages and lures that led them to fake social media […]

The post Hackers linked to Lebanese government caught in global cyber-espionage operation appeared first on Cyberscoop.

Continue reading Hackers linked to Lebanese government caught in global cyber-espionage operation

Lebanese Government Hackers Hit Thousands of Victims With Incredibly Simple Campaign

Security researchers uncover several years-long espionage and hacking campaigns, pinpointing them to a specific building in Beirut, Lebanon. Continue reading Lebanese Government Hackers Hit Thousands of Victims With Incredibly Simple Campaign

The mobile workforce: Productive, but susceptible to data compromise

An enterprise’s biggest problem when it comes to data compromise isn’t just technologies that are vulnerable, it’s how their employees use technology. Digital transformation, the mobile workforce, and the plethora of mobility programs (BYOD, COPE, etc.) both managed and unmanaged, have created an environment where employees have more choice than ever over the devices and apps they use. As individuals increasingly rely on mobile devices, the amount of personal and corporate data these devices access … More Continue reading The mobile workforce: Productive, but susceptible to data compromise

Why a mobile-focused APT could be behind John Kelly’s phone troubles

Earlier this month, news broke that White House Chief of Staff John Kelly’s personal mobile device was reportedly compromised, according to a memo acquired by Politico. I believe there’s a significant enough chance that he was attacked, not by a run-of-the-mill attacker, but by a mobile-focused Advanced Persistent Threat (mAPT) — that is, a nation-state or other highly resourced espionage-focused cyberattacker. What we know Kelly reportedly submitted his personal mobile device into U.S. government tech support “complaining that it wasn’t working or updating software properly,” according to the Politico report. That story comes from a memo created by White House aides and circulated throughout the administration. There is a chance that the device had been compromised for months while in Kelly’s possession, though the report states that Kelly did not use his personal device for White House purposes. While this may be true, a nation-state still has a lot to […]

The post Why a mobile-focused APT could be behind John Kelly’s phone troubles appeared first on Cyberscoop.

Continue reading Why a mobile-focused APT could be behind John Kelly’s phone troubles

Hackers linked to Chinese government used mobile malware to spy on ethnic minority

Security researchers say a hacking group likely linked to the Chinese government is conducting targeted surveillance against a Chinese ethnic minority, known as the Uyghurs, through the deployment of sophisticated mobile malware, according to new evidence published Friday by U.S. cybersecurity firm Lookout. The attackers are associated with a known Chinese threat actor previously codenamed “Scarlet Mimic” by security researchers with Palo Alto Networks, according to Michael Flossman, a senior security researcher with Lookout. Based on separate research by Palo Alto Networks and ThreatConnect, Scarlet Mimic’s past operations have followed closely with the interests of the Communist Party of China. The party remains worried about the potential for rebellion in the highly contested Xinjiang region, where the majority of the Uyghur population lives. Lookout found a series of booby trapped Android applications designed for Chinese users — a SIM Card Management, “Phone Guardian” and Google Searcher program — which carried the same […]

The post Hackers linked to Chinese government used mobile malware to spy on ethnic minority appeared first on Cyberscoop.

Continue reading Hackers linked to Chinese government used mobile malware to spy on ethnic minority

‘Highly active’ Hamas-linked hackers found spying on Palestinian political group

A “highly active” group of hackers, which some analysts believe may be linked to Hamas, are spying on Palestinian government employees, security services, university students and Fatah party politicians by infecting smartphones with malware, according to research conducted by mobile security firm Lookout. The espionage campaign is part of a broader effort by the hacker group, previously dubbed “Two-tailed Scorpion” by security researchers, to remotely collect information about Palestinians related in some way to the political process, including those individuals who may discuss, share or otherwise receive sensitive material on their mobile phones. Fatah and Hamas represent the two largest political parties of the State of Palestine, a contested territory that spans two separate areas, the West Bank and Gaza Strip — bordering on Israel, Jordan and Egypt. The two political organizations continuously clash with one another to control the state. Between 2006 and 2007, their rivalry led to an armed conflict […]

The post ‘Highly active’ Hamas-linked hackers found spying on Palestinian political group appeared first on Cyberscoop.

Continue reading ‘Highly active’ Hamas-linked hackers found spying on Palestinian political group