Tag Archives: Malware

Permission to Spy: An Analysis of Android Malware Targeting Tibetans (updated)

This blog post reports on a malware attack in which a compromised version of Kakao Talk, an Android-based mobile messaging client, was sent in a highly-targeted email to a prominent individual in the Tibetan community. The malware is designed to send a user’s contacts, SMS message history, and cellular network location to attackers. This post was updated on 18 April 2013.

Update to “Permission to Spy: An Analysis of Android Malware Targeting Tibetans” in Tibetan: གསང་མྱུལ་བར་ཆོག་མཆན། ཨན་སྒྲོ་དྲ་འབུ་ཅན་གྱི་མཉེན་ཆས་ཤིག་གིས་བོད་རིགས་རྣམས་དམིགས་འབེན་ཏུ་བཟུང་བའི་སྐོར་ལ་བརྟག་དཔྱད།

This is the update to “Permission to Spy: An Analysis of Android Malware Targeting Tibetans”, written in the Tibetan language.

Hackers attack European governments using ‘MiniDuke’ malware

Source: Josh Halliday, The Guardian

Cyber criminals have targeted government officials in more than 20 countries, including Ireland and Romania, in a complex online assault seen rarely since the turn of the millennium.

APT1’s GLASSES – Watching a Human Rights Organization

In this research brief, Seth Hardy describes malware (“GLASSES”) sent in 2010 that is a simple downloader closely related to malware described by Mandiant in their APT1 report. GLASSES appears to be a previous version of malware called GOGGLES by Mandiant, and was sent in a highly targeted email to a Tibetan human rights organization, demonstrating that APT1 is involved in more than just industrial and corporate espionage.

Senior Security Analyst Seth Hardy interviewed on Radio Canada International

RCI’s Wojtek Gwiazda spoke to Seth Hardy about recent Citizen Lab research on targeted attacks against human rights organizations and others, including the Dalai Lama.

Targeted attacks against Mac users continue to climb

Source: Paul F. Roberts, IT World

Apple Computer took a bold step recently in its battle against malicious software that runs on its Mac operating system.

Watering holes and zero-day attacks

Source: Nart Villeneuve, Trend Micro

The term “Watering Hole” has become a popular way to describe targeted malware attacks in which the attackers compromise a legitimate website and insert a “drive-by” exploit in order to compromise the website’s visitors.

Dutch government proposes cyberattacks against…everyone

Source: Electronic Frontier Foundation

If the location of a particular computer cannot be determined, the Dutch police would be able to break in without ever contacting foreign authorities.

Surveillance malware targets UAE activist as exploit sellers implicated

Source: Tom Brewster, Tech Week Europe

A prominent activist from the UAE has been targeted by surveillance malware likely to have been created by an Italian company, with a French exploit seller implicated too, according to researchers.

Ahead of spyware conference, more evidence of abuse

Source: Nicole Perlroth, The New York Times

This week, at ISS World Americas, an annual surveillance trade show in Washington, law enforcement agents from around the world will gather to learn about the latest in computer spyware.