Application security, Threat Intelligence, Malware

Updated LightSpy spyware targeted at South Asia

Close up the triple-lens camera on the iPhone 13 Pro Max Seirra Blue and Graphite Color on white background.

Security Affairs reports that attacks with an updated iteration of the LightSpy iOS spyware using the "F_Warehouse" framework have been deployed against Southern Asian targets as part of a new cyberespionage campaign.

Hacked news websites with Hong Kong-related stories were suspected to have been leveraged to facilitate the deployment of the LightSpy spyware, as observed in previous campaigns, with a loader enabling the delivery of the core implant and several plugins, which build upon the primary backdoor's capabilities, a report from BlackBerry revealed.

"Each plugin undergoes a process of secure retrieval from the threat actor's server in an encrypted format, followed by decryption, before being executed within the system environment," said researchers.

Aside from allowing file exfiltration and audio recordings, the new LightSpy version also facilitates network reconnaissance, application inventory, user activity monitoring, image capturing, device enumeration, and credential access.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.