Trojanized Apps Used for Cyberespionage


GDGS, Lebanon’s main internal intelligence agency, has been identified as the likely nation-state actor compromising the devices of military personnel, enterprises, medical professionals, activists, journalists, lawyers, and educational institutions in 21 countries including the U.S., China, Germany, India, Russia, Saudi Arabia and South Korea.

According to the Electronic Frontier Foundation, which has been researching this spy operation for years, the global espionage campaign used malicious fake versions of legitimate popular apps like Signal and WhatsApp, which indicates a shift in how state-sponsored surveillance and malware work. The EFF calculates that since July 2017 millions of requests for data have been made, with data exfiltrated from infected Android devices including SMS messages, call records, contacts, account information, browsing history and more.

Takeaway: While you probably don't have to worry about this specific threat, it serves as a reminder to watch for fake apps that might trick you into handing over credentials and permissions, and stick to downloading apps from the official app store.


© 2020 Insite Risk Management