[ad_1]
Security experts have discovered new versions of "FinSpy", a complex and malicious tool for monitoring mobile devices. The new implants work on iOS and Android devices and can monitor the activity of almost all common email services, including encrypted email services (WhatsApp, Signal, Telegram, Threema, etc.), thus improving their performance. followed. disguise. strong Kaspersky Attackers are able to spy on all the activities of a smartphone and read sensitive data such as GPS location, messages, images, calls and more.
Successful attacks
FinSpy is a very effective software tool. As has been reported, it is quite expensive and is therefore normally only used for targeted surveillance attacks. Nevertheless, it shows that even users of end-to-end encrypted messaging services can never feel safe. The theft of information has already been observed around the world by NGOs, governments and law enforcement agencies. The responsible cybercriminals are able to adapt the behavior of each malicious FinSpy variant to a specific person or target group.
>>> Read: The WhatsApp spying tool costs more than 6 million euros
All available information
According to experts, basic malware features include virtually unlimited monitoring of device activity: locating locations, accessing all incoming and outgoing messages, contacts, media stored on the device, and data from service providers. common messaging such as WhatsApp, Facebook Messenger or Viber. All the data thus extracted are transmitted via an SMS or HTTP protocol to the attacker.
© Kaspersky Lab
FinSpy reads smartphones and transmits all data to attackers.
New version even more dangerous
The latest known versions of the malware have a wider range of functionality than their predecessors and can now compromise other messaging services, including those previously considered "secure" – such as Telegram, Signal or Threema. Even with the concealment of their own footsteps, they are much more skilled. For example, iOS malware targeting iOS 11 and earlier can now hide the signs of a jailbreak, while the new version for Android contains a feat that does not include root privileges – almost complete access to all files and all the orders. managed device.
>>> Read it: so everyone can read your WhatsApp messages
Protection Tips against FinSpy
According to information available from Kaspersky, attackers need physical access to the smartphone or device already "jailbroken" or "rooted" to be able to infect both Android and iOS devices. For mobile phones already jailbroken / rooted, there are at least three possible routes of infection: SMS, e-mail or push notifications. In order to avoid a FinSpy infection, security experts have compiled a list with the following tips:
-
Do not leave the smartphone or tablet unlocked and always make sure no one can see the PIN when entering.
-
Do not jailbread or browse devices, as this will make the attackers' work easier.
-
Install mobile apps only from official app stores, such as Google Play.
-
Never follow suspicious links sent by unknown numbers.
-
In the settings of the device, block the installation of programs from unknown sources.
-
Do not disclose pbadwords or codes on the device, even for people you trust.
-
Never store unknown files or applications on your device as they may compromise your privacy.
-
Download a powerful security solution for mobile devices.
[ad_2]
Source link
