Hackers used a malicious Android app created using the SpyNote tool for high-precision attacks. The threat analysis was conducted by CYFIRMA. The targets could be valuable assets that are potentially of interest to APT groups (advanced threat actors).
The malware was distributed via WhatsApp under the guise of files with the names «Best Friend», «Friend», etc. After installation, the app ran in the background, masking its presence. It gained access to geolocation, contacts, SMS, camera and other device data.
SpyNote allows attackers to intercept calls, collect system information, take screenshots and copy user data. All collected data was transmitted to the management server. This tool is also used by hacker groups OilRig (APT34) and APT-C-37 for espionage and data theft.
Overall, the tool is a serious threat, as it remains available on underground forums and Telegram channels. Attacks using SpyNote show that attackers prefer proven means to compromise important targets.
A resident of Ternopil fell into a fraudulent scheme. The woman lost 145,000 hryvnias. «It…
Facebook, X, YouTube and other tech companies have joined the updated EU code of conduct…
China's government-run electronics subsidy program, which took effect on January 20, 2025, has already led…
During his inaugural address, US President Donald Trump announced ambitious plans to send astronauts to…
Donald and Melania Trump have taken a step into the world of cryptocurrencies by releasing…
You should always take care of the security of your own data, because scammers are…