- Feb 4, 2016
- 2,520
We discovered a malware family called Maikspy — a multi-platform spyware that can steal users’ private data. The spyware targets Windows and Android users, and first posed as an adult game named after a popular U.S.-based adult film actress. Maikspy, which is an alias that combines the name of the adult film actress and spyware, has been around since 2016.
Our analysis of the latest Maikspy variants revealed that users contracted the spyware from hxxp://miakhalifagame[.]com/, a website that distributes malicious apps (including the 2016 adult game) and connects to its C&C server to upload data from infected devices and machines. Multiple Twitter handles were found promoting the adult game called Virtual Girlfriend and sharing the malicious domain via short links.
History of Maikspy from 2016 to 2018
The first variant of Maikspy appeared on the Windows platform in December 2016. It disguised itself as the adult game named after an adult film actress. It has the ability to update itself from hxxp://fakeomegle[.]com/, and steal .jpg, .jpeg, .png, .txt, .wav, .html, .doc, .docx and .rtf files located in the Desktop, Picture, Documents, and Downloads folders, as well as information about the machine’s Internet Explorer, Chrome, Firefox or default browsers, OS, and network configuration. The spyware connects to 107[.]180[.]46[.]243.
,,, ,,, ,,, ,,,