CYBERNEWSMEDIA Network:||
CYBERNEWSMEDIA
CYBERNEWSMEDIA

Cybersecurity News, Insights & Analysis

Latest
TrueConf Zero-Day Exploited in Asian Government Attacks
In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
Critical ShareFile Flaws Lead to Unauthenticated RCE
Mobile Attack Surface Expands as Enterprises Lose Control
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
AD · 970×250

Mobile & Wireless

CISA Warns of Spyware Targeting Messaging App Users

CISA has described the techniques used by attackers and pointed out that the focus is on high-value individuals. The post CISA Warns of Spyware Targeting Messaging App Users appeared first on SecurityWeek.

Spyware targets mobile

The cybersecurity agency CISA on Monday issued a warning over the use of commercial spyware to target the users of mobile messaging applications such as WhatsApp and Signal.

“Cyber actors use sophisticated targeting and social engineering techniques to deliver spyware and gain unauthorized access to a victim’s messaging app, facilitating the deployment of additional malicious payloads that can further compromise the victim’s mobile device,” CISA said.

The agency has referenced several threats and incidents detailed this year by the cybersecurity industry.

It pointed out that threat actors have leveraged zero-day and zero-click exploits to deliver spyware to targeted users. Examples provided by the agency include attacks conducted via WhatsApp against Apple device users, and Samsung phone owners being targeted with Android spyware named Landfall.

The cybersecurity agency also pointed to attacks in which Russian threat actors exploited Signal’s ‘linked devices’ feature for real-time spying. 

CISA’s alert also cites NSO spyware targeting WhatsApp users and the potential risks for strategic targets.

The alert also references incidents in which hackers delivered spyware by disguising it as popular messaging applications. The ClayRat Android spyware, for instance, was delivered to Russian users disguised as WhatsApp. ProSpy and ToSpy were delivered to Android users in the United Arab Emirates disguised as Signal and ToTok.

“While current targeting remains opportunistic, evidence suggests these cyber actors focus on high-value individuals, such as current and former high-ranking government, military, and political officials, as well as civil society organizations (CSOs) and individuals across the United States, Middle East, and Europe,” CISA noted.

CISA has urged at-risk users to review its updated guidance for mobile communications security and its guidance for civil society

Related: Chrome Zero-Day Exploitation Linked to Hacking Team Spyware

Related: Samsung Patches Zero-Day Exploited Against Android Users

Related: Apple Sends Fresh Wave of Spyware Notifications to French Users

Latest News

CYBERNEWSMEDIAPublisher