Inside a Global Phone Spy Tool Monitoring Billions

A wide-spanning investigation by 404 Media reveals more details about a secretive spy tool that can tracks billions of phone profiles through the advertising industry called Patternz. Google has taken action in response to 404 Media's inquiries.

·404media.co·Jan 26, 2024

Inside a Global Phone Spy Tool Monitoring Billions

Amnesty confirms Apple warning: Indian journalists’ iPhones infected with Pegasus spyware

Apple's warnings in late October that Indian journalists and opposition figures may have been targeted by state-sponsored attacks prompted a forceful Behind closed doors, senior officials from Modi's administration demanded that Apple soften the political impact of the state-sponsored warnings, according to Washington Post.

#techcrunch #EN #2023 #state-sponsored #attacks #Pegasus #Apple #India #Amnesty #spyware #iPhone

·techcrunch.com·Dec 30, 2023

Amnesty confirms Apple warning: Indian journalists’ iPhones infected with Pegasus spyware

The Return of Candiru: Zero-days in the Middle East - Avast Threat Labs

We recently discovered a zero-day vulnerability in Google Chrome (CVE-2022-2294) when it was exploited in the wild in an attempt to attack Avast users in the Middle East. The vulnerability was a memory corruption in WebRTC that was abused to achieve shellcode execution in Chrome’s renderer process. We reported this vulnerability to Google, who patched it on July 4, 2022.

#avast #EN #2022 #Candiru #spyware #CVE-2022-2294 #webRTC

·decoded.avast.io·Jul 22, 2022

The Return of Candiru: Zero-days in the Middle East - Avast Threat Labs

Spyware vendor targets users in Italy and Kazakhstan

Today, alongside Google’s Project Zero, we are detailing capabilities provided by RCS Labs, an Italian vendor that uses a combination of tactics, including atypical drive-by downloads as initial infection vectors to target mobile users on both iOS and Android.

#GoogleTAG #EN #2022 #spyware #rcslab #Italy #Kazakhstan #Hermit

·blog.google·Jun 23, 2022

Spyware vendor targets users in Italy and Kazakhstan

Pegasus vs. Predator: Dissident's Doubly-Infected iPhone Reveals Cytrox Mercenary Spyware

Two Egyptians—exiled politician Ayman Nour and the host of a popular news program (who wishes to remain anonymous)—were hacked with Predator spyware, built and sold by the previously little-known mercenary spyware developer Cytrox. The phone of Ayman Nour was simultaneously infected with both Cytrox’s Predator and NSO Group’s Pegasus spyware, operated by two different government clients.

#citizenlab #2021 #EN #Pegasus #Predator #spyware #privacy #IoC #Cytrox

·citizenlab.ca·May 23, 2022

Pegasus vs. Predator: Dissident's Doubly-Infected iPhone Reveals Cytrox Mercenary Spyware

CatalanGate: Extensive Mercenary Spyware Operation against Catalans Using Pegasus and Candiru

The Citizen Lab, in collaboration with Catalan civil society groups, has identified at least 65 individuals targeted or infected with mercenary spyware, including members of the European Parliament, Catalan Presidents, legislators, jurists, and members of civil society organisations.

#citizenlab #CatalanGate #EN #2022 #Pagasus #Catalan #spyware #EU

·citizenlab.ca·Apr 18, 2022

CatalanGate: Extensive Mercenary Spyware Operation against Catalans Using Pegasus and Candiru

Pegasus spyware scandal uncovered by fake image file on an iPhone

The scandal over NSO Group's Pegasus spyware was uncovered by a single fake image file mistakenly left on an activist's iPhone, a report states, a discovery that prompted international outcry over privacy.

#appleinsider #Pegasus #Spyware #NSO #EN #2022 #iphone

·appleinsider.com·Feb 20, 2022

Pegasus spyware scandal uncovered by fake image file on an iPhone

‘Zero-Click’ Hacks Are Growing in Popularity. There’s Practically No Way to Stop Them

As a journalist working for the Arab news network Alaraby, Rania Dridi said she’s taken precautions to avoid being targeted by hackers, keeping an eye out for suspicious messages and avoiding clicking on links or opening attachments from people she doesn’t know.

#Bloomberg #EN #2022 #zeroclick #spyware #NSO #governement #spy #privacy #attack

·bloombergquint.com·Feb 19, 2022

‘Zero-Click’ Hacks Are Growing in Popularity. There’s Practically No Way to Stop Them

Spyware Targeting Against Serbian Civil Society - The Citizen Lab

We confirm that two members of Serbian civil society were targeted with spyware earlier this year. Both have publicly criticized the Serbian government. We are not naming the individuals at this time by their request. The Citizen Lab’s technical analysis of forensic artifacts was conducted in support of an investigation led by Access Now in collaboration with the SHARE Foundation. Researchers from Amnesty International independently analyzed the cases and their conclusions match our findings.

#CitizenLab #EN #2023 #Serbia #Pegasus #spyware #homekit #iOS

·citizenlab.ca·Nov 28, 2023

Spyware Targeting Against Serbian Civil Society - The Citizen Lab

Spyware in Serbia: civil society under attack - Access Now

Access Now and our partners have discovered that civil society in Serbia have been targeted with invasive spyware technology. Here’s what we know.

#accessnow #EN #2023 #Serbia #Pegasus #spyware #homekit #iOS

·accessnow.org·Nov 28, 2023

Spyware in Serbia: civil society under attack - Access Now

The Return of Candiru: Zero-days in the Middle East - Avast Threat Labs

We recently discovered a zero-day vulnerability in Google Chrome (CVE-2022-2294) when it was exploited in the wild in an attempt to attack Avast users in the Middle East. The vulnerability was a memory corruption in WebRTC that was abused to achieve shellcode execution in Chrome’s renderer process. We reported this vulnerability to Google, who patched it on July 4, 2022.

#avast #EN #2022 #Candiru #spyware #CVE-2022-2294 #webRTC

·decoded.avast.io·Jul 22, 2022

The Return of Candiru: Zero-days in the Middle East - Avast Threat Labs

Spyware vendor targets users in Italy and Kazakhstan

Today, alongside Google’s Project Zero, we are detailing capabilities provided by RCS Labs, an Italian vendor that uses a combination of tactics, including atypical drive-by downloads as initial infection vectors to target mobile users on both iOS and Android.

#GoogleTAG #EN #2022 #spyware #rcslab #Italy #Kazakhstan #Hermit

·blog.google·Jun 23, 2022

Spyware vendor targets users in Italy and Kazakhstan

Pegasus vs. Predator: Dissident's Doubly-Infected iPhone Reveals Cytrox Mercenary Spyware

Two Egyptians—exiled politician Ayman Nour and the host of a popular news program (who wishes to remain anonymous)—were hacked with Predator spyware, built and sold by the previously little-known mercenary spyware developer Cytrox. The phone of Ayman Nour was simultaneously infected with both Cytrox’s Predator and NSO Group’s Pegasus spyware, operated by two different government clients.

#citizenlab #2021 #EN #Pegasus #Predator #spyware #privacy #IoC #Cytrox

·citizenlab.ca·May 23, 2022

Pegasus vs. Predator: Dissident's Doubly-Infected iPhone Reveals Cytrox Mercenary Spyware

CatalanGate: Extensive Mercenary Spyware Operation against Catalans Using Pegasus and Candiru

The Citizen Lab, in collaboration with Catalan civil society groups, has identified at least 65 individuals targeted or infected with mercenary spyware, including members of the European Parliament, Catalan Presidents, legislators, jurists, and members of civil society organisations.

#citizenlab #CatalanGate #EN #2022 #Pagasus #Catalan #spyware #EU

·citizenlab.ca·Apr 18, 2022

CatalanGate: Extensive Mercenary Spyware Operation against Catalans Using Pegasus and Candiru

Pegasus spyware scandal uncovered by fake image file on an iPhone

The scandal over NSO Group's Pegasus spyware was uncovered by a single fake image file mistakenly left on an activist's iPhone, a report states, a discovery that prompted international outcry over privacy.

#appleinsider #Pegasus #Spyware #NSO #EN #2022 #iphone

·appleinsider.com·Feb 20, 2022

Pegasus spyware scandal uncovered by fake image file on an iPhone

‘Zero-Click’ Hacks Are Growing in Popularity. There’s Practically No Way to Stop Them

As a journalist working for the Arab news network Alaraby, Rania Dridi said she’s taken precautions to avoid being targeted by hackers, keeping an eye out for suspicious messages and avoiding clicking on links or opening attachments from people she doesn’t know.

#Bloomberg #EN #2022 #zeroclick #spyware #NSO #governement #spy #privacy #attack

·bloombergquint.com·Feb 19, 2022

‘Zero-Click’ Hacks Are Growing in Popularity. There’s Practically No Way to Stop Them

Triangulation: validators, post-compromise activity and modules | Securelist

In this report Kaspersky shares insights into the validation components used in Operation Triangulation, TriangleDB implant post-compromise activity, as well as details of some additional modules.

#securelist #EN #2023 #iOS #Apple #macOS #APT #Malware #Malware-Description #analysis #spyware #Triangulation

·securelist.com·Oct 26, 2023

Triangulation: validators, post-compromise activity and modules | Securelist

PREDATOR IN THE WIRES: Ahmed Eltantawy Targeted with Predator Spyware After Announcing Presidential Ambitions

Between May and September 2023, former Egyptian MP Ahmed Eltantawy was targeted with Cytrox's Predator spyware via links sent on SMS and WhatsApp after Eltantawy publicly stated his plans to run for President in the 2024 Egyptian elections. As Egypt is a known customer of Cytrox's Predator spyware, and the spyware was delivered via network injection from a device located physically inside Egypt, we attribute the attack to the Egyptian government with high confidence.

#CitizenLab #EN #2023 #spyware #Egypt #Predator #CVE-2023-41991 #CVE-2023-41992 #CVE-2023-41993

·citizenlab.ca·Sep 23, 2023

PREDATOR IN THE WIRES: Ahmed Eltantawy Targeted with Predator Spyware After Announcing Presidential Ambitions

0-days exploited by commercial surveillance vendor in Egypt

Last week Google’s Threat Analysis Group (TAG), in partnership with The Citizen Lab, discovered an in-the-wild 0-day exploit chain for iPhones. Developed by the commercial surveillance vendor, Intellexa, this exploit chain is used to install its Predator spyware surreptitiously onto a device. In response, yesterday, Apple patched the bugs in iOS 16.7 and iOS 17.0.1 as CVE-2023-41991, CVE-2023-41992, CVE-2023-41993. This quick patching from Apple helps to better protect users and we encourage all iOS users to install them as soon as possible.

#Google #EN #2023 #TAG #Apple #Android #CitizenLab #Predator #spyware #Intellexa #CVE-2023-41993 #CVE-2023-41991 #CVE-2023-41992 #Exploit #Chain #0-days

·blog.google·Sep 23, 2023

0-days exploited by commercial surveillance vendor in Egypt

Two spyware tied with China found hiding on the Google Play Store

This week, our engine detected two spyware hiding on the Google Play Store and affecting up to 1.5 million users.

#pradeo #EN #Android #spyware #GooglePlay

·blog.pradeo.com·Jul 7, 2023

Two spyware tied with China found hiding on the Google Play Store

LetMeSpy, a phone tracking app spying on thousands, says it was hacked

A data breach reveals the spyware is built by a Polish developer

#techcrunch #EN #2023 #LetMeSpy #phone #spyware #hacked #databreach

·techcrunch.com·Jun 27, 2023

LetMeSpy, a phone tracking app spying on thousands, says it was hacked

Dissecting TriangleDB, a Triangulation spyware implant

In researching Operation Triangulation, we set ourselves the goal to retrieve as many parts of the exploitation chain as possible. As of now, we have finished analyzing the spyware implant and are ready to share the details.

#securelist #EN #2023 #Apple #iOS #APT #Malware-Descriptions #Spyware #Targeted-attacks #Triangulation #malware

·securelist.com·Jun 21, 2023

Dissecting TriangleDB, a Triangulation spyware implant

The Return of Candiru: Zero-days in the Middle East - Avast Threat Labs

We recently discovered a zero-day vulnerability in Google Chrome (CVE-2022-2294) when it was exploited in the wild in an attempt to attack Avast users in the Middle East. The vulnerability was a memory corruption in WebRTC that was abused to achieve shellcode execution in Chrome’s renderer process. We reported this vulnerability to Google, who patched it on July 4, 2022.

#avast #EN #2022 #Candiru #spyware #CVE-2022-2294 #webRTC

·decoded.avast.io·Jul 22, 2022

The Return of Candiru: Zero-days in the Middle East - Avast Threat Labs

Spyware vendor targets users in Italy and Kazakhstan

Today, alongside Google’s Project Zero, we are detailing capabilities provided by RCS Labs, an Italian vendor that uses a combination of tactics, including atypical drive-by downloads as initial infection vectors to target mobile users on both iOS and Android.

#GoogleTAG #EN #2022 #spyware #rcslab #Italy #Kazakhstan #Hermit

·blog.google·Jun 23, 2022

Spyware vendor targets users in Italy and Kazakhstan

Pegasus vs. Predator: Dissident's Doubly-Infected iPhone Reveals Cytrox Mercenary Spyware

Two Egyptians—exiled politician Ayman Nour and the host of a popular news program (who wishes to remain anonymous)—were hacked with Predator spyware, built and sold by the previously little-known mercenary spyware developer Cytrox. The phone of Ayman Nour was simultaneously infected with both Cytrox’s Predator and NSO Group’s Pegasus spyware, operated by two different government clients.

#citizenlab #2021 #EN #Pegasus #Predator #spyware #privacy #IoC #Cytrox

·citizenlab.ca·May 23, 2022

Pegasus vs. Predator: Dissident's Doubly-Infected iPhone Reveals Cytrox Mercenary Spyware

CatalanGate: Extensive Mercenary Spyware Operation against Catalans Using Pegasus and Candiru

The Citizen Lab, in collaboration with Catalan civil society groups, has identified at least 65 individuals targeted or infected with mercenary spyware, including members of the European Parliament, Catalan Presidents, legislators, jurists, and members of civil society organisations.

#citizenlab #CatalanGate #EN #2022 #Pagasus #Catalan #spyware #EU

·citizenlab.ca·Apr 18, 2022

CatalanGate: Extensive Mercenary Spyware Operation against Catalans Using Pegasus and Candiru

Pegasus spyware scandal uncovered by fake image file on an iPhone

The scandal over NSO Group's Pegasus spyware was uncovered by a single fake image file mistakenly left on an activist's iPhone, a report states, a discovery that prompted international outcry over privacy.

#appleinsider #Pegasus #Spyware #NSO #EN #2022 #iphone

·appleinsider.com·Feb 20, 2022

Pegasus spyware scandal uncovered by fake image file on an iPhone

‘Zero-Click’ Hacks Are Growing in Popularity. There’s Practically No Way to Stop Them

As a journalist working for the Arab news network Alaraby, Rania Dridi said she’s taken precautions to avoid being targeted by hackers, keeping an eye out for suspicious messages and avoiding clicking on links or opening attachments from people she doesn’t know.

#Bloomberg #EN #2022 #zeroclick #spyware #NSO #governement #spy #privacy #attack

·bloombergquint.com·Feb 19, 2022

‘Zero-Click’ Hacks Are Growing in Popularity. There’s Practically No Way to Stop Them

“Clickless” iOS exploits infect Kaspersky iPhones with never-before-seen malware | Ars Technica

"Operation Triangulation" stole mic recordings, photos, geolocation, and more.

#arstechnica #EN #2023 #Triangulation #iOS #Apple #kaspersky #Russia #spyware #NSA

·arstechnica.com·Jun 2, 2023

“Clickless” iOS exploits infect Kaspersky iPhones with never-before-seen malware | Ars Technica

A Matter of Triangulation.

Hi all, Today we have very big and important news. Kaspersky experts have discovered an extremely complex, professionally targeted cyberattack that uses Apple’s mobile devices. The purpose of this attack is the inconspicuous introduction of spyware into the iPhones of employees of the company – both top and middle-management. The attack is carried out using

#kaspersky #EN #2023 #iOS #0-Click #Triangulation #iphone #spyware #Apple

·eugene.kaspersky.com·Jun 2, 2023

A Matter of Triangulation.