ESET Discovers Two Active Android Spyware Campaigns Targeting Secure Messaging Apps
ESET researchers have discovered two active Android spyware campaigns, targeting users of secure messaging apps like Signal and ToTok. Both families, Android/Spy.ProSpy and Android/Spy.ToSpy, seek extensive device access and exfiltrate sensitive data.
The ProSpy campaign, active since 2024, spreads through three fake websites impersonating Signal and ToTok. It targets users interested in these secure apps. Meanwhile, the ToSpy campaign remains active, with online command-and-control servers, focusing on users in the UAE and nearby regions. Both spyware families ask for access to contacts, SMS messages, and files, and continually exfiltrate data if permissions are granted.
ESET advises caution when downloading apps from unofficial sources. Users should avoid enabling installation from unknown origins. The responsible parties for these spyware families remain unidentified, and the specific countries targeted are unclear.
The discovery of these spyware campaigns underscores the importance of vigilance when downloading apps. Users should stick to official app stores and be wary of permissions requested by apps. ESET's findings highlight the ongoing threat to privacy and security posed by such malicious software.
Read also:
- Bridge the IT-Security Divide with Qualys VMDR for ITSM: A New Application to Streamline Your IT and Security Operations
- Italy passes AI legislation addressing privacy concerns, supervision, and kid-safe access
- East Asian countries should be cautious, as scamming operations are moving towards the region - it's high time we stay vigilant. - Phar Kim Beng
- Senators pressure nominated leader of CISA on election security concerns, focus of agency highlighted
