Monday, Aug 03, 2020 | Last Update : 06:08 PM IST

132nd Day Of Lockdown

Maharashtra44122827680915576 Tamil Nadu2576131964834132 Andhra Pradesh158764828861474 Delhi1376771233174004 Karnataka134819577252496 Uttar Pradesh92921533571730 West Bengal75516527301678 Telangana6766048609551 Gujarat63675466892482 Bihar5727036637322 Rajasthan4441031216706 Assam4290532385105 Haryana3651929690433 Odisha3491321955236 Madhya Pradesh3353523550886 Kerala259121446383 Jammu and Kashmir2141613127396 Punjab1785311466423 Jharkhand121884513115 Chhatisgarh9608699158 Uttarakhand7593443786 Goa6530466853 Tripura5248346323 Puducherry3806230952 Manipur283117377 Himachal Pradesh2654150813 Arunachal Pradesh19359693 Nagaland19356484 Chandigarh111769819 Meghalaya8742645 Sikkim6582891 Mizoram4702580
  Technology   In Other news  14 Jul 2019  FinSpy malware swats again, targets iOS and Android this time

FinSpy malware swats again, targets iOS and Android this time

THE ASIAN AGE
Published : Jul 14, 2019, 3:09 pm IST
Updated : Jul 14, 2019, 3:09 pm IST

It allows attackers to spy on all device activities and exfiltrate sensitive data such as GPS location, messages, pictures, calls and more.

Kaspersky experts have uncovered new versions of the advanced malicious surveillance tool FinSpy.
 Kaspersky experts have uncovered new versions of the advanced malicious surveillance tool FinSpy.

Kaspersky experts have uncovered new versions of the advanced malicious surveillance tool FinSpy. The new implants work on both iOS and Android devices, can monitor activity on almost all popular messaging services, including encrypted ones, and hide their traces better than before. The tools allow attackers to spy on all device activities and exfiltrate sensitive data such as GPS location, messages, pictures, calls and more. 

FinSpy is an extremely effective software tool for targeted surveillance that has been observed stealing information from international NGOs, governments and law enforcement organizations all over the world. Its operators can tailor the behaviour of each malicious FinSpy implant to a specific target or group of targets.

 

The basic functionality of the malware includes almost unlimited monitoring of the device’s activities: such as geolocation, all incoming and outgoing messages, contacts, media stored on the device, and data from popular messaging services like WhatsApp, Facebook Messenger or Viber. All the exfiltrated data is transferred to the attacker via SMS messages or the HTTP protocol.

The latest known versions of the malware extend the surveillance functionality to additional messaging services, including those considered ‘secure’, such as Telegram, Signal or Threema. They are also more adept at covering their tracks. For instance, the iOS malware, targeting iOS 11 and older versions can now hide signs of jailbreak, while the new version for Android contains an exploit capable of gaining root privileges – almost unlimited, complete access to all files and commands - on an unrooted device.

 

Based on the information available to Kaspersky, in order to successfully infect both Android and iOS-based devices, attackers need either physical access to the phone or an already jail broken/rooted device. For jail broken/rooted phones there are at least three possible infection vectors: SMS message, email, or push notifications.

According to Kaspersky telemetry, several dozen mobile devices have been infected over the past year. To avoid falling victim to FinSpy, Kaspersky researchers advice users to not leave your smartphone or tablet unlocked and always make sure nobody is able to see your pin-code when you enter it, not to jailbreak or root your device since it will make an attacker’s job easier, only install mobile applications from official app stores, such as Google Play, do not follow suspicious links sent to you from unknown numbers, and also in your device settings block the installation of programs from unknown sources and avoid disclosing the password or passcode to your mobile device, even with someone you trust. Never store unfamiliar files or applications on your device, as they could harm your privacy and download a proven security solution for mobile devices, such as Kaspersky Internet Security for Android.

 

Tags: malware, finspy, kaspersky, android, ios