Application security, Endpoint/Device Security, Malware, Threat Intelligence

Updated LightSpy spyware for macOS emerges

Apple Macbook

Cybernews reports that updates have been introduced to the LightSpy surveillance tool to expand its targeting to systems running on older iterations of macOS after initially only targeting iOS devices.

Included within the new LightSpy spyware version were 10 plugins for exfiltrating browser history, installed apps, audio recordings, and other system information, according to a Threat Fabric report, which also noted the absence of real victims from a list observed within the spyware's administration panel.

"We are certain that LightSpy for macOS echoes a campaign conducted a few years ago. Nonetheless, investigating this sophisticated spyware toolset was still intriguing, offering insights into the goals of the threat actor and the specific information they sought," said researchers.

Such findings come more than a month after Huntress researchers initially reported about a LightSpy variant aimed at x86_64 architecture macOS, which also had 10 plugins.

"While this sample was uploaded to VirusTotal recently from India, this isn't a particularly strong indicator of an active campaign, nor targeting within the region," Huntress researchers said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.