Endpoint/Device Security, Threat Intelligence, Malware

India, Pakistan targeted by novel Patchwork malware attacks

Almost 150 Android devices across India and Pakistan have been compromised by suspected Indian state-sponsored threat operation PatchWork in a new attack campaign leveraging mostly messaging apps that have been laced with the VajraSpy remote access trojan, The Hacker News reports. Attackers were believed to have used romance scam lures to entice targets to download the malicious apps, including Chit Chat, Privee Talk, YohooTalk, and MeetMe, on Google Play and other app stores to facilitate infections with VajraSpy, which has espionage capabilities, according to a report from ESET. "[VajraSpy] steals contacts, files, call logs, and SMS messages, but some of its implementations can even extract WhatsApp and Signal messages, record phone calls, and take pictures with the camera," said ESET researcher Lukas Stefanko. Such a scheme comes after India- and Pakistan-based threat actors were reported by Cyfirma to have leveraged a fraudulent Android loan app to compromise Indian mobile users.

Related

UK cracks down on default passwords for smart devices

The UK has become the first country worldwide to prohibit Internet of Things device manufacturers from using default usernames and passwords in their products following the approval of the Product Security and Telecommunications Infrastructure act, which seeks to bolster smart device cybersecurity, The Hacker News reports.

Novel Wpeeper Android malware examined

BleepingComputer reports that hacked WordPress sites have been used as relay command-and-control servers by the novel Wpeeper Android malware, which has been spread via a pair of app stores impersonating the Uptodown App Store and is believed to have already compromised thousands of Android devices.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.