Spyware firms target iOS, Android, and Windows devices due to their widespread usage, making them lucrative targets for gathering sensitive information.
Each platform offers unique exploitation opportunities, with iOS and Android dominating the mobile market, while Windows remains a primary operating system for computers.
This complete scenario provides diverse avenues for surveillance and data collection.
Recently, Meta Platforms acted against eight surveillance-for-hire firms in Italy, Spain, and the U.A.E., as per the Q4 2023 “Adversarial Threat Report.”
Cybersecurity researchers at Meta Platform have reported that spyware from these companies has been actively targeting iPhones, Android, and Windows devices.
Live attack simulation Webinar demonstrates various ways in which account takeover can happen and practices to protect your websites and APIs against ATO attacks .
The malware used by spyware firms has stealthy features and capabilities that enable threat actors or operators to collect sensitive information from the targeted devices.
The following device information was accessed and collected by the malware:-
Besides this, it also enables and gives threat actors accessibility to these elements of the targeted devices: microphones, cameras, and screenshots.
Here below, we have mentioned all the spyware firms involved:-
Cybersecurity researchers asserted that all the above-mentioned spyware firms are also found to be engaged in scraping, social engineering, and phishing activity that targets a wide range of social platforms.
Fake personas linked to RCS Labs deceived users for phone numbers, email addresses, and surveillance.
Now removed, Variston IT’s Facebook and Instagram accounts aided exploit development and testing.
Meta reports that Variston IT is discontinuing operations. Negg Group and Mollitiam Industries were also identified for spyware testing and data collection.
Swedish telecom security firms suspect that the cyber attack method involves a unique binary SMS (MM1_notification.REQ) notifying of MMS, retrieved via MM1_retrieve.REQ and MM1_retrieve.RES, embedding device info in GET request as a fingerprint.
Moreover, it has potential for spyware deployment, tailored exploits, and phishing campaigns, but no recent evidence of exploitation in the wild.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
Researchers observed Lumma Stealer activity across multiple online samples, including PowerShell scripts and a disguised…
Palo Alto Networks reported the Contagious Interview campaign in November 2023, a financially motivated attack…
The recent discovery of the NjRat 2.3D Professional Edition on GitHub has raised alarms in…
A critical vulnerability, CVE-2024-3393, has been identified in the DNS Security feature of Palo Alto…
Threat Analysts have reported alarming findings about the "Araneida Scanner," a malicious tool allegedly based…
A major dark web operation dedicated to circumventing KYC (Know Your Customer) procedures, which involves…