The Syrian Electronic Army hacker group has reportedly been investing heavily in a scheme to infect Android device users with a spyware tool hidden inside fake app updates.

Known for its ardent support of Syrian President Bashar al-Assad, the threat group is targeting in particular  users of secure messaging apps such as WhatsApp and Telegram. The SEA is spreading malicious updates for these apps through a combination of watering hole websites and phishing emails, according to a report from Forbes, citing researchers at Lookout who presented their findings at the Black Hat conference in London this week.

These fake updates contain a spyware program called SilverHawk that dates back to 2016, the report continues. If a user accepts the fake update's permissions, the spyware gains admin-level access and is able to access data, files and contacts, as well as operate the device's microphone and camera.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.