Security researchers at the cyber-intelligence firm Cyble published a technical report on the Android spyware 'Dracarys', which was utilized by the Bitter APT group in the past and is distributed via a rogue Signal messaging app to steal victims' personal data. Meta (Facebook) first reported on the 'Dracarys' spyware in its Q2 2022 adversarial threat report, briefly explaining the malware's data-stealing, geolocating, and microphone-activation capabilities, which are installed via malicious versions of Telegram, WhatsApp, and YouTube.

According to the Cyble report, the malicious version of the Signal messaging app is delivered via a phishing page that looks like a legitimate Signal download portal and uses the domain 'signalpremium[.]com'. After it is downloaded, the malicious app requests access to the victim's phone contact list, SMS, camera, and microphone, as well as permission to make calls, obtain precise location, and read and write storage. These are typical permissions for any chat application, so the victim will not find anything suspicious.

In addition, the spyware is reported to abuse the Accessibility Service to auto-grant itself additional permissions, to keep running in the background even if the app is closed, to attempt to gain higher privileges, and to 'click' on the screen without user interaction. Once the rogue application is launched, the Dracarys malware connects to a Firebase server to receive commands, then steals the contact list, SMS data, call logs, installed app list, files, and GPS position, and later transmits all collected information to the Command-and-Control (C&C) server.
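Because the requested permissions alone look like those of any chat app, a defender triaging a sideloaded APK can check whether that permission set is paired with a declared accessibility service. The following is an added example, not code from the Cyble report: the permission-name mapping, the threshold, the function names and the sample manifests are assumptions constructed for illustration, and the input is a manifest already decoded to text XML.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
A = "{" + ANDROID_NS + "}"
BIND_A11Y = "android.permission.BIND_ACCESSIBILITY_SERVICE"
# Assumption: Android permission names for the access the report lists.
REPORTED = {
    "READ_CONTACTS", "READ_SMS", "CAMERA", "RECORD_AUDIO", "CALL_PHONE",
    "ACCESS_FINE_LOCATION", "READ_EXTERNAL_STORAGE", "WRITE_EXTERNAL_STORAGE",
}
MIN_OVERLAP = 6  # assumed threshold, tune for your own app population


def triage_manifest(xml_text):
    """Report overlap with the listed permissions and any accessibility services."""
    root = ET.fromstring(xml_text)
    requested = {
        el.get(A + "name", "").rsplit(".", 1)[-1]
        for el in root.iter("uses-permission")
    }
    services = sorted(
        svc.get(A + "name", "?")
        for svc in root.iter("service")
        if svc.get(A + "permission") == BIND_A11Y
    )
    overlap = sorted(requested & REPORTED)
    # The permission set alone looks like any chat app; the pairing with an
    # accessibility service is what sends the APK to manual review.
    return {
        "overlap": overlap,
        "accessibility_services": services,
        "review": len(overlap) >= MIN_OVERLAP and bool(services),
    }


def build_manifest(perms, service=""):
    """Build a constructed, decoded-text manifest for the demo below."""
    uses = "".join(
        f'<uses-permission android:name="android.permission.{p}"/>' for p in perms
    )
    return (f'<manifest xmlns:android="{ANDROID_NS}" package="com.example.chat">'
            f"{uses}<application>{service}</application></manifest>")


# Constructed samples: same permissions, with and without the service.
A11Y = f'<service android:name=".SampleA11yService" android:permission="{BIND_A11Y}"/>'
SUSPECT = build_manifest(sorted(REPORTED), A11Y)
PLAIN_CHAT = build_manifest(sorted(REPORTED))
if __name__ == "__main__":
    print(triage_manifest(SUSPECT), triage_manifest(PLAIN_CHAT), sep="\n")
```

A positive result is a reason for manual review, not a verdict, since legitimate apps also declare accessibility services. When the manifest comes from an untrusted APK, parse it with a hardened XML parser such as defusedxml instead of the standard library.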