Pegasus-style spyware found on thousands of smartphones

Used by governments around the world to spy on rival politicians, foreign powers, journalists, lawyers and business figures, the NSO Group’s Pegasus malware has attracted significant media attention since its existence by activists earlier this year. was disclosed. While the Israeli firm has found itself maligned by the press and blacklisted By Washington, similar snooping software is reportedly still active and going unnoticed, as uncovered in a report published Wednesday by the cybersecurity company. zimperium,

The article examines the PhoneSpy software, which is aimed at South Korean Android users. According to Zimperium, “PhoneSpy disguises itself as a regular application with purposes ranging from learning yoga to watching TV and videos or browsing photos.” These apps are not found on the Android App Store, which means users have to download them directly, possibly by clicking on malicious links, or through “social engineering.”

Once installed, PhoneSpy gives Snoops access to almost every function of the target’s smartphone. Cameras and microphones can be activated remotely, call logs and messages can be retrieved, GPS coordinates can be tracked, and web traffic can be monitored.

The Zimperium report did not identify who was actually using PhoneSpy to survey the targeted phones, but did say that “Thousands of South Korean victims have become victims of spyware campaigns.” Since the fake apps were all South Korean, the spying operation is believed to have been confined to that country.

PhoneSpy is one of several Pegasus-like programs suspected to be in operation. When the US added NSO Group to its business blacklist earlier this month, it also added Russian firm Positive Technologies and Singapore’s Computer Security Initiative Consultancy, claiming the two were smuggled in “Cyber ​​Tools” used to get “Unauthorized access to computer systems.”

If you liked this story, share it with a friend!