Spyware
Serbian police used Cellebrite zero-day hack to unlock Android phones
Serbian authorities have reportedly used an Android zero-day exploit chain developed by Cellebrite to unlock the device of a student activist in the country and attempt to install spyware. Cellebrite is an Israeli digital forensics company that develops tools used by law enforcement, intelligence agencies, and private companies to extract data from smartphones and other digital […]
SpyLend Android malware downloaded 100,000 times from Google Play
An Android malware app called SpyLend has been downloaded over 100,000 times from Google Play, where it masqueraded as a financial tool but became a predatory loan app for those in India. The app falls under a group of malicious Android applications called “SpyLoan,” which pretend to be legitimate financial tools or loan services but […]
US court finds spyware maker NSO liable for WhatsApp hacks
A U.S. federal judge has ruled that Israeli spyware maker NSO Group violated U.S. hacking laws by using WhatsApp zero-days to deploy Pegasus spyware on at least 1,400 devices. NSO Group markets Pegasus as surveillance software for governments that enables clients to monitor victims’ activities and extract data from compromised devices. “This ruling is a […]
Android malware found on Amazon Appstore disguised as health app
A malicious Android spyware application named ‘BMI CalculationVsn’ was discovered on the Amazon Appstore, masquerading as a simple health tool but stealing data from infected devices in the background. The application was discovered by McAfee Labs researchers, who notified Amazon, leading to the application being removed from the store. However, those who installed the app must manually […]
New Android NoviSpy spyware linked to Qualcomm zero-day bugs
The Serbian government exploited Qualcomm zero-days to unlock and infect Android devices with a new spyware named ‘NoviSpy,’ used to spy on activists, journalists, and protestors. One of the Qualcomm flaws linked to the attacks is CVE-2024-43047, which was marked as an actively exploited zero-day vulnerability by Google Project Zero in October 2024 and received a fix on Android in […]
Russian cyberspies target Android users with new spyware
Russian cyberspies Gamaredon has been discovered using two Android spyware families named ‘BoneSpy’ and ‘PlainGnome’ to spy on and steal data from mobile devices. According to Lookout, which discovered the two malware families, BoneSpy has been active since 2021, while PlainGnome emerged in 2024. Both target Russian-speaking individuals in former Soviet states. Gamaredon (aka “Shuckworm”) is […]
New EagleMsgSpy Android spyware used by Chinese police, researchers say
A previously undocumented Android spyware called ‘EagleMsgSpy’ has been discovered and is believed to be used by law enforcement agencies in China to monitor mobile devices. According to a new report by Lookout, the spyware was developed by Wuhan Chinasoft Token Information Technology Co., Ltd. and has been operational since at least 2017. Lookout presents abundant […]
New Android spyware found on phone seized by Russian FSB
After a Russian programmer was detained by Russia’s Federal Security Service (FSB) for fifteen days and his phone confiscated, it was discovered that a new spyware was secretly installed on his device upon its return. The programmer, Kirill Parubets, was arrested by the FSB after being accused of donating to Ukraine. After regaining access to his […]
SpyLoan Android malware on Google play installed 8 million times
A new set of 15 SpyLoan Android malware apps with over 8 million installs was discovered on Google Play, targeting primarily users from South America, Southeast Asia, and Africa. The apps were discovered by McAfee, a member of the ‘App Defense Alliance,’ and have now been removed from Android’s official app store. However, their presence on […]
NSO Group used another WhatsApp zero-day after being sued, court docs say
Israeli surveillance firm NSO Group reportedly used multiple zero-day exploits, including an unknown one named “Erised,” that leveraged WhatsApp vulnerabilities to deploy Pegasus spyware in zero-click attacks, even after getting sued. Pegasus is NSO Group’s spyware platform (marketed as surveillance software for governments worldwide), with multiple software components that provide customers with extensive surveillance capabilities over […]