EFF uncovers data-stealing security bug on thousands of smartphones
EFF uncovers data-stealing security bug on thousands of smartphones
Booby-trapped messaging apps used for spying researchers
22 January, 2018, 05:48
The hackers used malicious apps that resembled legitimate communication platforms like Signal and WhatsApp to steal the trove of data, loading up the fake versions with malware that allowed them to tap into users' conversations. Once installed, cyber criminals can use a victim's Android device to take photos, retrieve location information, record audio, and more.
"We believe the actors would use Pallas against any target a nation state would otherwise attack, including governments, militaries, utilities, financial institutions, manufacturing companies, and defense contractors", a blog post on Lookout's website explains.
"People in the US, Canada, Germany, Lebanon, and France have been hit by Dark Caracal", EFF director of Cybersecurity Eva Galperin said in a statement. An espionage campaign using malware-infected messaging apps has been stealing smartphone data from activists, soldiers, lawyers, journalists and others in more than 20 countries, researchers said in a report Thursday.
"This is a very large, global campaign, focused on mobile devices", she adds. "Mobile is the future of spying, because phones are full of so much data about a person's day-to-day life". One particular trace of Dark Caracal led the researchers to a building belonging to the Lebanese General Security Directorate in Beirut.
"This suggests that Dark Caracal either uses or manages the infrastructure found to be hosting a number of widespread, global cyber-espionage campaigns", the researchers said in their report.
It's this revelation, along with the the fact numerous operation's different spying campaigns were deemed "seemingly unrelated" by researchers, that suggests Dark Caracal might be a type of government spyware "for hire", carrying out spying jobs on behalf of a variety of clients.
According to Galperin, the Dark Caracal group may be offering its spyware services to various clients, including governments, The Register reported.
EFF and Lookout began investigating Dark Caracal after EFF released its Operation Manul report, which shed light on another spying operation aimed at "journalists, activists, lawyers, and dissidents" who had spoken out against President Nursultan Nazarbayev's regime in Kazakhstan.
The campaign, which the two groups have named "Dark Caracal", accidentally outed itself by storing the stolen data on an unsecured server accessible via the internet.
"One of the interesting things about this ongoing attack is that it doesn't require a sophisticated or expensive exploit". "Instead, all Dark Caracal needed was application permissions that users themselves granted when they downloaded the apps, not realizing that they contained malware". "This research shows it's not hard to create a strategy allowing people and governments to spy on targets around the world". Through the phishing messages, victims have been redirected into downloading malware-laden Android apps or visiting a dummy Google, Facebook or Twitter domain actually under control of the hackers.
The Date Day: How To Behave When you meet your date offline for the first time, there are many things that can go wrong. That is a very responsible step that will either empower or destroy the already formed relationships.
Among 28 analysts covering NXP Semiconductors NV ( NASDAQ:NXPI ), 8 have Buy rating, 1 Sell and 19 Hold. (NASDAQ: EXEL ). After this sale, 268,260 common shares of EXEL are directly owned by the insider, with total stake valued at $7,374,467.
Finally, Bank of New York Mellon Corp boosted its position in shares of Corium International by 118.1% in the first quarter. It fall, as 56 investors sold MMC shares while 215 reduced holdings. 133 funds opened positions while 451 raised stakes.
An improvised explosive device detonated in the corridor of a mall in Lake Wales, Florida, Sunday evening, authorities said. When the arrived, the fire department said they saw smoke coming from a hallway next to the mall entrance of JCPenny.
The Gators have five players averaging in double figures, led by 5-foot-8 guard Funda Nakkasoglu at 14.5 points a game. Breein Tyree added 16 points in the loss, and Deandre Burnett and Bruce Stevens had 15 each.
Twelve equities research analysts have rated the stock with a hold rating and six have issued a buy rating to the stock. The stock of Randgold Resources Limited (NASDAQ:GOLD) has "Add" rating given on Monday, August 10 by Numis Securities.
We’ve now entered 2020 and the sporting world will certainly have a lot to show us in the upcoming year. The upcoming year will be telling if the boy can turn from a talented prospect to a world-class player.
The company reported $1.08 earnings per share for the quarter, beating the Thomson Reuters' consensus estimate of $0.90 by $0.18. BidaskClub downgraded Churchill Downs, from a "buy" rating to a "hold" rating in a research report on Wednesday, July 19th.
But Braian Angola (14 points) made one of two free throws for FSU. "Every game is really a sense of urgency", Bibbs said. The North Carolina Tar Heels and Virginia Tech Hokies meet Monday in college basketball action at the Cassell Coliseum.
But he fell shortly after lbw to Adil Rashid (2-51 from 10 overs) and unsuccessfully reviewed as Australia's hopes nosedived. Chris Woakes and Mark Wood were exceptional too, particularly at the end when Australia were desperate for boundaries.
After $1.42 actual EPS reported by Visteon Corporation for the previous quarter, Wall Street now forecasts 19.72% EPS growth. Shepherd Financial Partners LLC's holdings in Eli Lilly and were worth $1,297,000 as of its most recent SEC filing.
The company is showing signs of making a comeback, as competitors are forced to merge and consolidate in order to survive. The industry can be broken down further between mobile gambling and desktop gambling (which includes laptops and PCs).
General Overview of Cisco CCNA R&S Questions and Answers
In addition to this, they will also build their skills and knowledge levels required to implement WLAN in a small/medium network. At the end of the course, they will also be able to resolve regular issues with EIGRP, STP, and OSPF in IPv4 and IPv6 networks.
Gustav Klimt Could Challenge For 2,000 Guineas
However, Gustav Klimt bounced back with a fine performance at the Barronstown Stud Irish European Breeders Fund in June last year. Gustav Klimt moved to the inside down the final furlong and found just enough speed to beat out his compatriot Nebo by a head .
How Technology Has Completely Changed the Way We Spend Money
The Rise of Mobile Payments Over the last few years, all of the major mobile innovators have stepped into the mobile payment game. As of 2016, Apple Pay had 12 million monthly users , a figure which is sure to rise substantially in the coming months and years.
Oil producers meet in Oman for critical production meeting
The key to future behaviour of crude oil market is clearly the level of USA inventory and rate of increase in shale oil output. There are reports floating in the market that given the price situation, OPEC may gradually withdraw from the production cuts.
Women's Marches draw large crowds on second day
A rally Sunday in Las Vegas will launch an effort to register 1 million voters and target swing states in the midterm elections. Majorities of rural women and women without college educations still support him, but Lake said she had seen some softening.
Man attacked and set on fire in Fairfax County, police say
A group of people set a man on fire and assaulted him Sunday outside an apartment building in Annandale, Virginia, police say. Two suspects were detained and are being interviewed by detectives. @fairfaxpolice still looking for three more suspects.
The Early 2018 World Series Favorites
People expected this young Yankees team (which still has more significant talent on the way from AAA) to start competing in 2018. Taking into account a few articles and odds listings that are already out there, here’s our look at the top contenders. 1.