Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
'FurBall' Spyware Being Used Against Iranian Citizens
New Android malware variant is part of long-running Domestic Kitten campaign being conducted by APT C-50 Group, analysts report.
1 Min Read
Source: Tiny Ivan via Alamy Stock Photo
Analysts have flagged a new Android malware variant being used by APT-C-50 as part of its wider Domestic Kitten campaign to spy on Iranian citizens.
ESET researchers named the new spyware FurBall, but point out that aside from a few new scripts and tweaks, the basic functionality of the latest APT-C-50 malware iteration is unchanged from previous versions. The mobile surveillance spyware is delivered through a malicious app that offers Iranian translations of books and magazines.
Domestic Kitten campaign was first discovered back in 2016.
"The analyzed sample requests only one intrusive permission — to access contacts," the ESET team said about the new FurBall malware. "The reason could be its aim to stay under the radar; on the other hand, we also think it might signal it is just the preceding phase, of a spearphishing attack conducted via text messages."
However, if the attackers could expand the malicious app permissions, they would be able to steal additional device data, including text messages, location information, recorded voice calls, and more, the researchers added.
About the Author
You May Also Like
More Insights
Webinars
Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024Safeguarding GitHub Data to Fuel Web Innovation
Nov 21, 2024The Unreasonable Effectiveness of Inside Out Attack Surface Management
Dec 4, 2024
