APT C-23 hackers are targeting Middle East users with a new Android spyware variant


Also known by the monikers VAMP, FrozenCell, GnatSpy, and Desert Scorpion, the mobile spyware has been a preferred tool of the APT-C-23 threat group since at least 2017, with successive iterations extending its surveillance functionality to vacuum up files, images, contacts and call logs, read notifications from messaging apps, record calls (including WhatsApp), and dismiss notifications from built-in Android security apps.

A threat actor notorious for striking targets in the Middle East has improved its Android spyware, making it stealthier and more persistent while it passes itself off as seemingly innocuous app updates to remain undetected. In a report published Tuesday, Sophos threat researcher Pankaj Kohli said that the new variants have “incorporated new features into their malicious apps that make them more resilient to actions by users, who might try to remove them manually, and to security and web hosting companies that try to block access to, or shut down, their command-and-control server domains.”

In the past, the malware has been distributed via fake Android app stores under the guise of AndroidUpdate, Threema, and Telegram. The latest campaign is no different: the malicious apps purport to install updates on the target’s phone and carry names such as App Updates, System Apps Updates, and Android Update Intelligence. It’s believed that the attackers deliver the spyware app by sending a download link to the targets through smishing messages.

Once installed, the app begins requesting invasive permissions to perform a string of malicious activities that are designed to slip past any attempts to manually remove the malware. The app changes its icon to hide behind popular apps such as Chrome, Google, Google Play, and YouTube. If the user clicks the fraudulent icon, the legitimate version of the app is launched while the spyware runs its surveillance tasks in the background.

“Spyware is a growing threat in an increasingly connected world,” Kohli said. “The Android spyware linked to APT-C-23 has been around for at least four years, and attackers continue to develop it with new techniques that evade detection and removal.”
