Thursday, May 8, 2025

LightSpy Hackers Target Indian Apple Device Users To Steal Sensitive Data


Hackers target Apple device users because they are perceived to belong to higher social classes. Such targets tend to be richer than others and can possibly provide more money to the hackers in one way or another.

Besides this, Apple’s ecosystem is interconnected, which means it has various points from which hackers can enter, leading to the compromise of accounts and devices.

BlackBerry cybersecurity researchers recently discovered that LightSpy hackers are actively targeting Indian Apple device users to steal sensitive data.


LightSpy Hackers & Their Targets

LightSpy is a modular spying toolkit that can steal victims’ personal information, such as actual GPS coordinates or VoIP calls.

This new threat is dangerous because it allows hackers to follow targets with an exceptional degree of accuracy, widening the potential impact of this expansive surveillance on high-profile victims in politically sensitive regions.

LightSpy has an extensive spying capacity and can be used to monitor device data, QQ messenger content, WeChat messages, Telegram chats, and WeChat Pay history.


This highly effective software program has returned amid escalated regional hostilities; its 2020 operations had focused on Hong Kong-oriented news websites for distribution.

The threat group, operating from servers located in Russia, China, and Singapore, is very interested in monitoring victims involved in clashes of interests across South Asia.

This again highlights how even the slightest flare-ups pose a constant danger to the people involved there.

Because of suspected links with China, the motives behind this campaign and its geopolitical implications for Southern Asia have become sources of worry.

Hyper-targeted attacks like these may impact only a tiny fraction of individuals, such as journalists, activists, or politicians, but at the same time can be seen as a worldwide threat.

Tech companies have recently pointed out the danger of state-sponsored election tampering. According to Apple, powerful mercenary spyware is one of the most complex digital threats in existence.

The infection usually starts when the vulnerability is detected on news websites that specifically report on Hong Kong issues.

Loader’s signature (Source – BlackBerry)

The attack advances with an initial implant, which collects device data and downloads successive stages.

These include LightSpy, which is the core implant, and special spying plugins.

The Loader starts by loading the LightSpy kernel in both encrypted and decrypted form, BlackBerry said.

The recent campaign uses the “F_Warehouse” framework, which has various functionalities, including file exfiltration, network reconnaissance, and audio recording.

Besides this, it can execute shell commands, which can give an attacker full control.

LightSpy maintains communication with its server as well as with an administrative panel, which helps point to its probable origin.

Recommendations

The recommendations are listed below:

  • Exercise heightened vigilance
  • Use of Lockdown mode
  • Use highly secure voice and messaging solutions
  • Review the latest threat intelligence
  • Create an incident response plan
  • Update your devices
  • Use a passcode
  • Enable 2FA
  • Beware of unofficial software
  • Password hygiene
  • Think before you click
  • Restart your phone often


Tushar Subhra
Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.
