In March 2024, Kaspersky researchers discovered a campaign targeting individuals in Russia with previously unseen Android spyware they dubbed LianSpy. Kaspersky analysis indicates that the malware has been active since July 2021.
This threat is equipped to capture screencasts, exfiltrate user files, and harvest call logs and app lists. The malicious actor behind LianSpy employs multiple evasive tactics, such as leveraging a Russian cloud service, Yandex Disk, for C2 communications. They also avoid having dedicated infrastructure, and employ a lot of other features to keep the spyware undiscovered. Some of these features suggest that LianSpy is most likely deployed through either an unknown vulnerability or direct physical access to the target phone.
Read more…
Source: Kaspersky
Related:
- Spy malware secrets: How complex ‘Slingshot’ hit targets via hacked routers
March 12, 2018
Researchers at Kaspersky Lab have discovered espionage malware that appears to have been developed by a government to spy on targets across Africa and the Middle East for the past six years. The researchers haven’t named Slingshot’s country of origin, but note the presence of debug messages written in perfect English, while various component names such ...
- Australian universities and NGOs targeted by Iranian and Chinese hackers
February 27, 2018
Australian universities have been targeted by hackers with connections to Iran in recent months, and “a number of investigations” are in progress, according to cybersecurity firm CrowdStrike. “There are a lot of things that are happening geopolitically that are driving a lot of attacks,” the company’s vice president for technology strategy Michael Sentonas told journalists in ...
- Cyber Espionage Group Targets Asian Countries With Bitcoin Mining Malware
February 7, 2018
Security researchers have discovered a custom-built piece of malware that’s wreaking havoc in Asia for past several months and is capable of performing nasty tasks, like password stealing, bitcoin mining, and providing hackers complete remote access to compromised systems. Dubbed Operation PZChao, the attack campaign discovered by the security researchers at Bitdefender have been targeting organizations in the government, ...
- Undetectable CrossRAT malware targets Windows, MacOS, and Linux systems
January 28, 2018
Are you using Linux or Mac OS? If you think your system is not prone to viruses, then you should read this. Wide-range of cybercriminals are now using a new piece of ‘undetectable’ spying malware that targets Windows, macOS, Solaris and Linux systems. Just last week we published a detailed article on the report from EFF/Lookout that revealed a ...
- A Secret Hacking Group Is Using Android Malware to Spy on Thousands of People in 21 Countries, Research Finds
January 19, 2018
A shadowy hacking campaign has been operating out of a Beirut building owned by the Lebanese General Directorate of General Security for the last six years, stealing text messages, call logs, and files from journalists, military members, corporations, and other targets in 21 countries, according to a joint report released today by cybersecurity firm Lookout and digital ...
- Potent Skygofree Malware Packs ‘Never-Before-Seen’ Features
January 17, 2018
Researchers have identified a powerful new Android malware strain called Skygofree capable of eavesdropping on WhatsApp messages, siphoning private data off phones and allowing adversaries to open reverse shell modules on targeted devices, giving attackers ultimate remote control. Researchers said the malware was developed three years ago and has evolved significantly since then to include 48 ...