Two spyware variants – Moonshine and BadBazaar – are being used to target the mobile devices of persons of interest to Chinese intelligence, including individuals in the Taiwanese, Tibetan and Uyghur communities.
In our first investigation into Israel-based spyware company, Paragon Solutions, we begin to untangle multiple threads connected to the proliferation of Paragon's mercenary spyware operations across the globe. This report includes an infrastructure analysis of Paragon’s spyware product, called Graphite; a forensic analysis of infected devices belonging to members of civil society; and a closer look at the use of Paragon spyware in both Canada and Italy.
Cybersecurity firm Lookout found several samples of a North Korean spyware it calls KoSpy.
Lookout researchers have discovered a novel Android surveillance tool dubber KoSpy. It is attributed to APT 37 aka ScarCruft
Amnesty International’s Security Lab uncovers sophisticated Cellebrite zero-day exploit, impacting billions of Android devices.
Amnesty International said that Google fixed previously unknown flaws in Android that allowed authorities to unlock phones using forensic tools. On
Security researchers found evidence that Cellebrite was used by Serbian police to hack into the cellphones of a local journalist and an activist.
Italian company SIO, which sells to government customers, is behind an Android spyware campaign called Spyrtacus that spoofed popular apps like WhatsApp, per security researchers.
As an undercover journalist covering Italian politics, Francesco Cancellato is used to reporting on scandals. But he never thought he would be part of the story.
Following allegations of potential abuse, Paragon Solutions has cut off Italy from its spyware systems.
Barcelone se mue en “capitale européenne de la cyberguerre”. Depuis un an et demi, “au moins trois équipes renommées d’experts en piratage informatique”, venus d’Israël, se sont installées dans la capitale de la Catalogne, détaille El Periódico de Catalunya. Le journal espagnol s’appuie sur les informations du quotidien de Tel-Aviv Ha’Aretz, qui a publié le 26 décembre un article sur les hackers “délocalisés” d’Israël vers des pays de l’Union européenne, dont l’Espagne.
Cybersecurity experts, who work with human rights defenders and journalists, agree that Apple is doing the right thing by sending notifications to victims of mercenary spyware — and at the same time refusing to forensically analyze the devices.
The precedent-setting ruling from a Northern California federal judge could lead to massive damages against NSO Group, whose notorious spyware has been reportedly used by various governments worldwide.
Apple rejects requests for a copy of a Harris campaign staffer's iPhone.
Serbian authorities are using spyware and Cellebrite forensic extraction tools to hack journalists and activists in a surveillance campaign.
Amnesty said it found NoviSpy, an Android spyware linked to Serbian intelligence, on the phones of several members of Serbian civil society following police stops.
Officials from EU anti-fraud office were allegedly followed, wiretapped and had their laptops hacked by Hungary’s intelligence agency.
Key findings from our analysis include:
Advanced Surveillance Capabilities:
Comprehensive Data Exfiltration:
Persistence Mechanisms:
Abuse of Legitimate Services:
Indicators of Compromise (IoCs):
Need for Collective Protection:
Italy is home to six major spyware vendors and one supplier, with many smaller and harder-to-track enterprises emerging all the time, experts say.
Four victims of Pegasus spyware in the UK have this week filed a criminal complaint with the Metropolitan Police.
