Security News Undetected Android Spyware Targeting Individuals In South Korea

[[correlate]]

Content source

https://cyble.com/blog/undetected-android-spyware-targeting-individuals-in-south-korea/

Cyble Research and Intelligence Labs (CRIL) has uncovered a previously undetected Android spyware campaign targeting individuals in South Korea, which has been active since June 2024. The spyware leverages an Amazon AWS S3 bucket as its Command and Control (C&C) server and is designed to exfiltrate sensitive data from compromised devices, including contacts, SMS messages, images, and videos.
The spyware samples observed disguise themselves as live video apps, adult apps, refund apps, and interior design applications. Below are the icons used by the malware.

Undetected Android Spyware Targeting Individuals In South Korea - Cyble

Cyble analyzes stealthy Android spyware targeting South Koreans, using an Amazon AWS S3 bucket to store exfiltrated data, including SMSs, contacts, and media.

cyble.com