One-Click Away On Your iOS and Android Phones With Just One WhatsApp Click
By MYBRANDBOOK
A modern and highly sophisticated malware campaign targets a Tibetan groups to exploit and install spyware , permanent tracker installed on their mobile (iPhone and Android devices). The spyware is delivered through WhatsApp message, all user need to do is a single click on the link within the WhatsApp text, researchers claimed.
According to Canadian researchers the POISON CARP employees “eight Android browser exploits and one Android spyware kit, as well as one iOS exploit chain and iOS spyware.”
It’s being labeled the most sophisticated attack on Tibetans yet, after attempts were made to steal WhatsApp and Facebook chats as well as locations with some novel techniques. Forbes reported.
The hackers, believed to be sponsored by the Chinese government, have been dubbed Poison Carp by Citizen Lab, a group of surveillance-tracking researchers at the University of Toronto. The crew lured targets to open messages by pretending to be journalists or charity workers.
The Canadian researchers found technical links between Poison Carp and the group revealed to be targeting the iPhones and Android devices of Uighurs by Google Project Zero and Volexity in August. In particular, the same iPhone malware was used in both sets of attacks, while a website used to launch malicious code at Androids was the same.
None of those vulnerabilities were new, though in one case, the attackers tried to exploit a Google Chrome bug whose patch had not yet been deployed to users. Otherwise, anyone who was running an up-to-date Android or iOS at the time should’ve been protected from infection. But for those who didn’t update and were successfully hacked, their WhatsApp and Facebook messages, location, contacts, call and text histories, and Gmail emails could’ve been sent back to the snoops.
Each and everyday cyber attacks are evolving and Social Engineering plays a significant role in this campaign, the threat actor engaged in active conversation to infect the targets and to install the spyware on their device.
According to Bitly stats as of September 6, 2019, 140 clicks on the iOS exploits and the exploit chain designed targeting iOS versions 11 – 11.4. The exploit chain was reported to Apple security who confirmed both the browser and privilege escalation exploits and it was patched with iOS 11.4.1 in July 2018.as per the report from gbhackers.
The malware collection application data such as location data, contacts, call history, SMS history, and the following device information.
The Android Exploit dubbed MOONSHINE, like the iOS exploit it too delivered through WhatsApp, if the targets open the links via Chrome-based Android browser, it asks users to open the link via Facebook app’s built-in Chrome-based web browser.
TAC Security becomes Cyber Security Assessor for the App Defen
The cybersecurity company, TAC Security has been selected as a key Cyber ...
InterGlobe’s Rahul Bhatia and C.P. Gurnani together announce
In a move that is set to transform the AI landscape, Rahul Bhatia, Group M...
Download masked Aadhaar to improve privacy
Download a masked Aadhaar from UIDAI to improve privacy. Select masking w...
Sterlite Technologies' Rs 145 crore claim against BSNL rejecte
An arbitrator has rejected broadband technology company Sterlite Technolog...
AGGRESSIVE ELECTRONICS MANUFACTURING SERVICES PVT. LTD.
ATRIE TECHNOLOGY PVT. LTD.
SAFE SECURITY SERVICES PVT. LTD.
NETWEB TECHNOLOGIES INDIA LTD.
Technology Icons Of India 2023: Nikhil Rathi
Nikhil Rathi, Co-founder & CEO of Web Werks, a global leader in Data C...
Technology Icons Of India 2023: Girish Mathrubootham
Girsh Mathrubootham envisioned and co-founded Freshworks. Freshworks, ...
Technology Icons Of India 2023: Byju Raveendran
Byju Raveendran is the founder of edutech start-up Byju’s. Raveendra...
EESL encouraging e-mobility adoption across India
Energy Efficiency Services Limited (EESL) is a Super Energy Service Co...
BSE provides highly secure, efficient and transparent market for trading
BSE (formerly known as Bombay Stock Exchange Ltd.) is Asia's first & t...
STPI encouraging software exports from India
Software Technology Parks of India (STPI) is an S&T organization under...
M. TECH SOLUTIONS (I) PVT. LTD.
M.Tech is a leading cyber security and network performance solutions ...
TECH DATA, A TD SYNNEX COMPANY
Tech Data Corporation was an American multinational distribution compa...
BEETEL TELETECH LTD.
: Beetel is one of the oldest and most reputed brands in the Industry,...