
This spyware is targeting mobile users in Southeast Asia

By IANS | Published: March 27, 2020 9:14 PM


Moscow, March 27: Actors behind the 'LightSpy' spyware campaign targeting users in Southeast Asia distribute links to malicious websites, mimicking the original ones that are likely to be frequented by potential victims, researchers from cybersecurity firm Kaspersky said on Friday.

Once a target visits the weaponised website, a custom exploit chain tries to execute shellcode, which leads to the deployment of the fully original malware on the victim's phone.

The malware is successfully targeting iPhones running versions of iOS up to version 12.2. Users running the latest version of iOS, 13.4, should be safe from these exploits.

Users of Android OS-based devices are also in the crosshairs – researchers found several versions of the implant that target this platform.

In addition, Kaspersky researchers identified some indicators of the existence of malware targeting Mac, Linux and Windows-based computers, along with Linux-based routers.

The researchers also found that the malware is being spread through forum posts and replies, as well as on popular communications platforms, where links to the deployed landing pages are posted.

Once the website has been visited, the malware jailbreaks the victim's device, giving the attackers the ability to record calls and audio, read certain messengers and more.

The information currently available does not make it possible to attribute the operation to any known advanced persistent threat (APT) actor, which is why Kaspersky has temporarily dubbed the attackers 'TwoSail Junk'.

"We tracked this particular framework and infrastructure beginning in January this year. It is an interesting example of an agile approach to developing and deploying surveillance framework in Southeast Asia," Alexey Firsh, security researcher at Kaspersky's Global Research and Analysis Team, said in a statement.

To avoid falling victim to water-holing and other targeted attacks such as this, Kaspersky recommended that people should avoid suspicious links promising exclusive content, especially if they are shared on social media.

(With inputs from IANS)
