Forwarded from Pegasus NSO & other spyware
Arid Viper poisons Android apps with AridSpy | WeLiveSecurity
Via @androidmalware
#Palestine #Egypt #AridSpy #Android
#Trojan #AridViper #APT
ESET researchers have identified five campaigns targeting Android users with trojanized apps. Most probably carried out by the Arid Viper APT group, these campaigns started in 2022 and three of them are still ongoing at the time of the publication of this blogpost. They deploy multistage Android spyware, which we named AridSpy, that downloads first- and second-stage payloads from its C&C server to assist it in avoiding detection.
The malware is distributed through dedicated websites impersonating various messaging apps, a job opportunity app, and a Palestinian Civil Registry app. Often these are existing applications that had been trojanized by the addition of AridSpy's malicious code.