Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43445
  • Total Topics: 16537
  • Online today: 3188
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 0
Guests: 3109
Total: 3109









Author Topic: Russian hackers use XAgent malware to infects "government's" iPhones  (Read 2795 times)

0 Members and 3 Guests are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7529
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


Attackers, perhaps of Russian origin are infecting the iPhones linked to government, defence and media sectors with dangerous spy malware capable of breaching non-jailbroken devices, researchers say.

The XAgent malware part of attacks unveiled last year against Windows devices has moved to iOS targeting iOS 7 and to much lesser effect iOS 8: http://www.trendmicro.com/vinfo/us/security/news/cyber-attacks/pawn-storm-espionage-attacks-use-decoys-deliver-sednit

About a quarter of Apple users still run iOS 7.

Trend Micro threat researchers Lambert Sun, Brooks Hong, and Feike Hacquebord said the malware could monitor and siphon media, directories, text messages to remote servers and capture photos and audio on jailbroken devices.

"The XAgent app is fully functional malware," the trio said in a research note: http://blog.trendmicro.com/trendlabs-security-intelligence/pawn-storm-update-ios-espionage-app-found/?linkId=12146208

"The exact methods of installing these malware is unknown; however, we do know that the iOS device doesn't have to be jailbroken ... we have seen one instance wherein a lure involving XAgent simply says 'tap here to install the application'."

That attack relied on Cupertino's ad hoc provisioning used by app developers to enable installation with a link.

Attacks against iOS 7 devices quietly restarted when closed and remained invisible to the user as a background process. It fared far worse on iOS 8 where it had to be manually started on reboot by victims and could not hide.

Researchers said the malware appeared to be carefully maintained and consistently updated

XAgent was tied to a campaign dubbed Operation Pawn Storm targeting anti-Russian actors linked to the Ukraine conflict which used typosquatting and phishing to compromise high-profile victims: http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-operation-pawn-storm.pdf

The command and control server used in the attacks was in operation at the time of research.

(ElReg)

Samker's Computer Forum - SCforum.info


devnullius

  • SCF VIP Member
  • *****
  • Posts: 3614
  • KARMA: 157
  • Gender: Female
    • SCForum.info
Nowhere to hide...
More information about bitcoin, altcoin & crypto in general? GO TO  j.gs/7385484/btc

Cuisvis hominis est errare, nullius nisi insipientis in errore persevare... So why not get the real SCForum employees to help YOUR troubled computer!!! SCF Remote PC Assist http://goo.gl/n1ONa9

Samker's Computer Forum - SCforum.info


 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023