Summary:

Lookout recently discovered an advanced phishing kit exhibiting novel tactics to target cryptocurrency platforms as well as the Federal Communications Commission (FCC) via mobile devices. Following the tactics of groups like Scattered Spider, this kit enables attackers to build carbon copies of single sign-on (SSO) pages, then use a combination of email, SMS, and voice phishing to trick the target into sharing usernames, passwords, password reset URLs and even photo IDs from hundreds of victims, mostly in the United States.…

Read More
What is Infamous Chisel?

Infamous Chisel is a collection of surveillance tooling used to target Android devices. It was first reported by the Ukrainian Security Service (SBU) in early August 2023 and attributed to Russia’s Sandworm APT. According to the SBU, the main purpose of this toolset was to collect information from Android devices likely connected to Ukrainian military information systems during the Russia-Ukraine war.…

Read More
What are WyrmSpy and DragonEgg surveillanceware?

WyrmSpy and DragonEgg are two advanced Android surveillanceware that Lookout attributes to high-profile Chinese threat group APT41, also known as Double Dragon, BARIUM, and Winnti. 

While APT41 is mostly known for exploiting web-facing applications and infiltrating traditional endpoint devices, these malware are rare reported instances of the group exploiting mobile platforms.…

Read More