An article published by SNG Scoop News Group, written by\u00a0Sean Lyngaas, reveals the way hacking groups are exploiting the pandemic differently to boost their surveillance efforts. <\/p>\n\n\n\n
It\u2019s not just opportunistic, financially-motivated criminals who are seizing on the novel coronavirus pandemic to conduct cyberattacks. Operators of spyware are also exploiting the health crisis to boost their surveillance efforts.<\/p>\n\n\n\n
Mobile security firm Lookout has\u00a0traced\u00a0a malicious Android application to what it says is a long-running campaign to spy on people in Libya. The spyware masquerades as the popular map produced by Johns Hopkins University that tracks the spread of COVID-19, the disease caused by the novel coronavirus.<\/p>\n\n\n\n
The software, called SpyMax, allows the operator to exfiltrate call and text logs, and remotely activate microphones and cameras.<\/p>\n\n\n\n
\u201cIn terms of other mobile malware that has been seen taking advantage of COVID-19 fears, this is the most invasive I\u2019ve seen,\u201d Kristin Del Rosso,\u00a0Lookout\u2019s security research engineer\u00a0told CyberScoop.<\/p>\n\n\n\n
The broader spying campaign has gone on for nearly a year, but its evolution shows how surveillance-minded hackers can exploit the\u00a0COVID-19\u00a0crisis.<\/p>\n\n\n\n
It started with applications targeting specific Libyan phone numbers, and then malicious code related to media players. \u201cOnly recently, in the midst of this pandemic, did we see two samples pertaining to COVID-19,\u201d Del Rosso said. The latest sample was signed in mid-March. The malicious apps were never in the Google Play store, Lookout said.<\/p>\n\n\n\n
The discovery shows how hacking groups with different motives will exploit the pandemic differently. There has been a\u00a0surge\u00a0in COVID-19-themed phishing activity from various actors that have prompted warnings from the World Health Organization and U.S. authorities.<\/p>\n\n\n\n
A \u201cnew short-term actor\u201d will likely look to defraud people through ransomware and desktop phishing, Del Rosso said. But a \u201clong-term actor with surveillance goals\u201d \u2013 like the one active in Libya \u2014 will have plenty of infrastructure in place that has been effective in past spying campaigns, she added.<\/p>\n\n\n\n
\u201cAn existing surveillance actor realizes it takes time, and often multiple attempts, to create the right malware that looks interesting enough for your target to download,\u201d Del Rosso added. The COVID-19 outbreak is a great opportunity to leverage that malware.<\/p>\n\n\n\n
More than nine years after the fall of former dictator\u00a0Moammar Gadhafi, Libya remains in turmoil, as warring factions continue to\u00a0vie for power.<\/p>\n\n\n\n
Lookout doesn\u2019t know how many mobile phones have been infected by the malware. There has been no indication that the hacking effort is state-sponsored, the firm said. Whoever is behind the spying campaign has been using IP addresses apparently tied to a Libyan telecommunications firm.<\/p>\n\n\n\n
The surveillance tools are available on the cheap, part of a broader family of spyware that can be tailored to one\u2019s needs. Such\u00a0spyware\u00a0will remain a convenient tool for anyone looking to track an adversary.<\/p>\n","protected":false},"excerpt":{"rendered":"
An article published by SNG Scoop News Group, written by\u00a0Sean Lyngaas, reveals the way hacking groups are exploiting the pandemic differently to boost their surveillance efforts. It\u2019s not just opportunistic, financially-motivated criminals who are seizing on the novel coronavirus pandemic to conduct cyberattacks. Operators of spyware are also exploiting the health crisis to boost their […]<\/p>\n","protected":false},"author":1,"featured_media":31365,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9271],"tags":[9649],"class_list":["post-31364","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","tag-covid-19hacking-groupslibyasurveillance"],"_links":{"self":[{"href":"https:\/\/tabadul.tv\/en\/wp-json\/wp\/v2\/posts\/31364","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tabadul.tv\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tabadul.tv\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tabadul.tv\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/tabadul.tv\/en\/wp-json\/wp\/v2\/comments?post=31364"}],"version-history":[{"count":0,"href":"https:\/\/tabadul.tv\/en\/wp-json\/wp\/v2\/posts\/31364\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/tabadul.tv\/en\/wp-json\/wp\/v2\/media\/31365"}],"wp:attachment":[{"href":"https:\/\/tabadul.tv\/en\/wp-json\/wp\/v2\/media?parent=31364"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tabadul.tv\/en\/wp-json\/wp\/v2\/categories?post=31364"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tabadul.tv\/en\/wp-json\/wp\/v2\/tags?post=31364"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}