Skip to main content

Dark Caracal: Malware allows hackers to spy on thousands of users in more than 20 countries

Researchers at Lookout and EFF have discovered Dark Caracal, an international espionage campaign that relied on fake versions of secure messaging apps. (Representational Image. Source: Reuters)


Dark Caracal, a global spyware espionage campaign allowed hackers to spy on thousands of people in more than 20 countries and steal hundreds of gigabytes worth of data. This was revealed in a report shared by the The Electronic Frontier Foundation (EFF) and mobile security company Lookout. The report by EEF and Lookout says that the spyware campaign relies on fake version of messaging apps like Signal, WhatsApp and then steals data.
“People in the US, Canada, Germany, Lebanon, and France have been hit by Dark Caracal. Targets include military personnel, activists, journalists, and lawyers, and the types of stolen data range from call records and audio recordings to documents and photos,” EFF Director of Cybersecurity Eva Galperin said in a press statement. She added this was a “very large, global campaign, focused on mobile devices.”
According to the report, these “trojanized apps”, which include fake versions of Signal and WhatsApp, appear to be just like the legitimate app and can send and receive messages. But the fake apps allowed attackers “to take photos, retrieve location information, capture audio, and more.” According to the EFF and Lookout, Dark Caracal may have been deployed by a nation-state actor. The report says Dark Caracal has been traced to a building belonging to the Lebanese General Security Directorate in Beirut.
“Dark Caracal is part of a trend we’ve seen mounting over the past year whereby traditional APT actors are moving toward using mobile as a primary target platform. The Android threat we identified, as used by Dark Caracal, is one of the first globally active mobile APTs we have spoken publicly about,” Mike Murray, Vice President of Security Intelligence at Lookout said in a press statement.
Dark Caracal appears to have been active for sometime. The researchers have pointed out that the spyware campaign has been operating since at least 2012, but it has been hard to track because of other, seemingly unrelated espionage campaigns originating from the same domain names. They also believe Dark Caracal is just one from a number of different global attackers using this very same infrastructure.
The other worrying feature about Dark Caracal is that it does not require any sophisticated equipment or expensive exploit to be carried out. Given that the hackers are relying on fake version of messaging apps, they could easily get permissions to access data, camera, speaker, etc on the phone. This is because users tend to grant these to all messaging apps in order to use many of the features.
Lookout also says they worked directly with the Google Android Security Team to fix the threat on the platform and the “team was highly responsive and worked to find the malicious apps and protect customers.” Once again, when downloading apps, customers should keep in mind that they are doing this from the official Play Store, and not third-party store apps. Also it is best to check the official developer before downloading the app, in order to avoid fake apps, malware or spyware.

Comments

Post a Comment

Popular posts from this blog

Meryl Streep wants to trademark her own name

Meryl Streep has won three Oscars, three Emmys and six Golden Globes during her 40-year long career on stage, screen and television. (Photo by Joel C Ryan/Invision/AP, File) Meryl Streep, the most celebrated actress of her generation, has filed an application to trademark her name. The application was filed with US Patent and Trademark Office on January 22, records show. It requests that the name Meryl Streep be trademarked for “entertainment services,” movie appearances, speaking engagements and autographs. Streep, 68, last week extended her record to 21 Academy Award nominations, this time for her role in “The Post.” She has won three Oscars, three Emmys and six Golden Globes during her 40-year long career on stage, screen and television. It is not clear why Streep would file a trademark application at this stage in her career and her attorney and publicist did not return a request for comment on Monday. Many celebrities trademark their names or catch phrases to pro...
Post a Comment
Read more

Beijing’s struggle against pollution will be tough, take time: Mayor

Beijing’s battle against air pollution will take time and be very tough to win despite recent improvements, the acting mayor of China’s capital said on Wednesday. The city has been fighting to clean its notoriously smoggy air through steps such as pushing households and factories to switch away from coal to cleaner fuels like natural gas. “Further improvement in air quality (will be) extremely difficult,” acting mayor of Beijing, Chen Jining, said in a statement released during the city’s congress meeting. The central government’s intense focus on air quality means many local officials’ careers are linked to the success of efforts to tackle smog, making it unusual to speak candidly about the challenges of meeting tough targets. Beijing has chalked up a short-term success by cutting the annual average level of breathable particulate matter (PM 2.5) to 58 micrograms per cubic metre in 2017, beating a target set by the State Council in 2012. However, the city is still some way f...
Post a Comment
Read more

Under fire, Steve Bannon backs off explosive comments about Donald Trump’s son

Bannon, ousted from the White House in August, was quoted in “Fire and Fury: Inside the Trump White House,” by journalist Michael Wolff, as saying a June 2016 meeting with a group of Russians attended by Donald Trump Jr. and his father’s top campaign officials was “treasonous” and “unpatriotic.” (Photo: Reuters) President Donald Trump’s former strategist Steve Bannon on Sunday backed away from derogatory comments ascribed to him about Trump’s son in a new book that sparked White House outrage and could threaten Bannon’s influence as a would-be conservative power broker. Bannon, ousted from the White House in August, was quoted in “Fire and Fury: Inside the Trump White House,” by journalist Michael Wolff, as saying a June 2016 meeting with a group of Russians attended by Donald Trump Jr. and his father’s top campaign officials was “treasonous” and “unpatriotic.” The president responded by saying Bannon had lost his mind, and the White House suggested the hard-right news site...
Post a Comment
Read more