Journalists at Al-Jazeera have been targeted by advanced spyware in an attack likely linked to the govt of Saudi Arabia and the UAE, cybersecurity watchdog Citizen Lab said. The most alarming part is that iMessages were infecting mobiles without victims taking any action. Malware used push notifications to instruct phones to upload content to servers linked to the NSO Group turning iPhones into surveillance tools without luring users to click on suspicious links or texts.
As per Google’s updated ads policies, ads that promote spyware, stalkerware etc will be banned from advertising, starting 11 August 2020. Examples of the products refrained from advertising include – spyware, tech used to monitor intimate partners, GPS trackers marketed to spy someone without consent, surveillance equipment with spying intent. However, child activity trackers are excluded. If violated, a 7-day warning prior to account suspension will be issued.
ThiefQuest – new and dangerous ransomware with spyware feature, for Apple’s Mac computers have been discovered by K7 Lab. This ransomware can hold data for ransom and can steal it also, irrespective of ransom paid or not. The ransomware component of TheifQuest is weak, signalling that data hostage is not the key purpose of the attackers. Apple devices, it is known, are usually hit with lesser malware attacks than Windows devices.
SonicWall Labs found a fake Aarogya Setu app with spyware, capable of making phone calls, audio/video recording, and SMSes. While one such fake app with imperfect icon copy, runs in the background without any activity on the screen, the other two are downloaded as add-ons gaining system’s permission. They also install the legitimate app in the background to avoid user suspicion. Even if users uninstall the app, the malicious code still remains in the system.