Sunday, May 4, 2025
HomeCyber Security NewsMeta Unveils 8 Spyware Companies Targeting iOS, Android, & Windows Devices

Meta Unveils 8 Spyware Companies Targeting iOS, Android, & Windows Devices

Published on

SIEM as a Service

Follow Us on Google News

Spyware firms target iOS, Android, and Windows devices due to their widespread usage, making them lucrative targets for gathering sensitive information. 

Each platform offers unique exploitation opportunities, with iOS and Android dominating the mobile market, while Windows remains a primary operating system for computers. 

This complete scenario provides diverse avenues for surveillance and data collection.

- Advertisement - Google News

Recently, Meta Platforms acted against eight surveillance-for-hire firms in Italy, Spain, and the U.A.E., as per the Q4 2023 “Adversarial Threat Report.” 

Cybersecurity researchers at Meta Platform have reported that spyware from these companies has been actively targeting iPhones, Android, and Windows devices.

Document
Live Account Takeover Attack Simulation

How do Hackers Bypass 2FA?

Live attack simulation Webinar demonstrates various ways in which account takeover can happen and practices to protect your websites and APIs against ATO attacks .

Meta Warns Of 8 Spyware Firms

The malware used by spyware firms has stealthy features and capabilities that enable threat actors or operators to collect sensitive information from the targeted devices.

The following device information was accessed and collected by the malware:- 

  • Location
  • Photos
  • Media
  • Contacts
  • Calendar
  • Email
  • SMS
  • Social media
  • Messaging apps

Besides this, it also enables and gives threat actors accessibility to these elements of the targeted devices: microphones, cameras, and screenshots.

Spyware Firms Involved

Here below, we have mentioned all the spyware firms involved:-

  • Cy4Gate/ELT Group
  • RCS Labs
  • IPS Intelligence
  • Variston IT
  • TrueL IT
  • Protect Electronic Systems
  • Negg Group
  • Mollitiam Industries

Cybersecurity researchers asserted that all the above-mentioned spyware firms are also found to be engaged in scraping, social engineering, and phishing activity that targets a wide range of social platforms.

Fake personas linked to RCS Labs deceived users for phone numbers, email addresses, and surveillance. 

Now removed, Variston IT’s Facebook and Instagram accounts aided exploit development and testing. 

Meta reports that Variston IT is discontinuing operations. Negg Group and Mollitiam Industries were also identified for spyware testing and data collection.

Swedish telecom security firms suspect that the cyber attack method involves a unique binary SMS (MM1_notification.REQ) notifying of MMS, retrieved via MM1_retrieve.REQ and MM1_retrieve.RES, embedding device info in GET request as a fingerprint. 

Moreover, it has potential for spyware deployment, tailored exploits, and phishing campaigns, but no recent evidence of exploitation in the wild.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.

Tushar Subhra
Tushar Subhra
Tushar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Latest articles

Threat Actors Use AiTM Attacks with Reverse Proxies to Bypass MFA

Cybercriminals are intensifying their efforts to undermine multi-factor authentication (MFA) through adversary-in-the-middle (AiTM) attacks,...

Threat Actors Target Critical National Infrastructure with New Malware and Tools

A recent investigation by the FortiGuard Incident Response (FGIR) team has uncovered a sophisticated,...

New StealC V2 Upgrade Targets Microsoft Installer Packages and PowerShell Scripts

StealC, a notorious information stealer and malware downloader first sold in January 2023, has...

Subscription-Based Scams Targeting Users to Steal Credit Card Information

Cybersecurity researchers at Bitdefender have identified a significant uptick in subscription-based scams, characterized by...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Threat Actors Use AiTM Attacks with Reverse Proxies to Bypass MFA

Cybercriminals are intensifying their efforts to undermine multi-factor authentication (MFA) through adversary-in-the-middle (AiTM) attacks,...

Threat Actors Target Critical National Infrastructure with New Malware and Tools

A recent investigation by the FortiGuard Incident Response (FGIR) team has uncovered a sophisticated,...

New StealC V2 Upgrade Targets Microsoft Installer Packages and PowerShell Scripts

StealC, a notorious information stealer and malware downloader first sold in January 2023, has...