Endpoint/Device Security, Breach

Mobile spyware app LetMeSpy breached

Mobile spyware app LetMeSpy had its collected messages, call logs, and locations exfiltrated and leaked following a hacking incident, according to TechCrunch. Databases of LetMeSpy have been infiltrated on June 21, enabling access to account email addresses, telephone numbers, and messages, said LetMeSpy in a notice on its login page. On the other hand, such an attack was claimed by the threat actor to have been conducted through wide access to LetMeSpy's domain, with the attacker stating that server-stored copies of the databases have been deleted before leaking the stolen data. Analysis of a copy of the leaked data secured by DDoSecrets showed data on at least 13,000 devices since 2013, including more than 13,400 location data points, most of which have been in the U.S., India, and Western Africa. Details about nearly 26,000 LetMeSpy customers who leveraged the free version of the spyware were also included in the exposed database.

Related

MITRE breach linked to Chinese threat operation

Chinese cyberespionage operation UNC5221 was disclosed by the MITRE Corporation to being behind the compromise of its Networked Experimentation, Research, and Virtualization Environment facilitated by the exploitation of Ivanti Connect Secure zero-day vulnerabilities, tracked as CVE-2023-46805 and CVE-2024-21887, The Hacker News reports.

ArcaneDoor attacks linked to Chinese threat actors

Threat operation UAT4356, also known as Storm-1849, which was behind the ArcaneDoor cyberespionage campaign that targeted Cisco firewalls and other vendors' perimeter network devices, has been associated with China following an investigation of the group's attack infrastructure, according to The Hacker News.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.