1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • This malicious VPN targets Android devices with spyware

    From TechnologyDaily@1337:1/100 to All on Wed Nov 2 17:15:04 2022
    This malicious VPN targets Android devices with spyware

    Date:
    Wed, 02 Nov 2022 17:04:00 +0000

    Description:
    Followers of a small religion are being targeted for their sensitive information, Kaspersky finds.

    FULL STORY ======================================================================

    Followers of a small and relatively new religion developing in Iran and parts of the Middle East are being targeted by spyware delivered via a malicious
    VPN service, according to new findings from Kaspersky.

    In its report, the company says practitioners of the Bah Faith are being targeted with SandStrike spyware, which is being delivered to their endpoints via a malicious, unnamed VPN service.

    Whoever is behind the attack has set up several Facebook pages and groups, Instagram accounts, and a Telegram channel that claim to promote the
    teachings of the Bah Faith to lure in as many believers (and other curious people) to join. However, the accounts are used to promote the VPN service, under the pretense that it can be used to bypass censorship of religious materials in certain regions. Legitimate VPN

    The download links are distributed via Telegram, where its groups have more than 1,000 followers, Kaspersky says.

    The VPN app being advertised is functional, and works as intended, the researchers found. They also said it even has its own VPN infrastructure, but installing the client also installs the SandStrike spyware, which exfiltrates sensitive, or personally identifiable information , to the attackers.

    The data SandStrike collects includes call logs and contact lists, but it
    will also monitor the device in its entirety, to better keep track of the victims behavior. Read more

    These Android spyware apps are spreading like wildfire


    This dangerous Android spyware could affect millions of devices


    These are the best firewalls right now

    Android spyware is a common threat, but the attackers are usually hunting for payment data, cryptocurrency wallets, and similar. In fact, an updated
    version of the Banker Android spyware was detected in late September 2022. This spyware steals the victim's banking details and possibly even money in some cases.

    According to cybersecurity researchers from Microsoft, an unknown threat
    actor has initiated a smishing campaign (SMS phishing), through which it
    tries to trick people into downloading TrojanSpy:AndroidOS/Banker.O. This is
    a malware variant thats capable of extracting all sorts of sensitive information, including two-factor authentication (2FA) codes, account login details, and other personally identifiable information (PII). Check out the best endpoint protection services out there

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/this-malicious-vpn-targets-android-devices-with -spyware/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)