Skip to main content

Dark Caracal: Malware allows hackers to spy on thousands of users in more than 20 countries

Researchers at Lookout and EFF have discovered Dark Caracal, an international espionage campaign that relied on fake versions of secure messaging apps. (Representational Image. Source: Reuters)


Dark Caracal, a global spyware espionage campaign allowed hackers to spy on thousands of people in more than 20 countries and steal hundreds of gigabytes worth of data. This was revealed in a report shared by the The Electronic Frontier Foundation (EFF) and mobile security company Lookout. The report by EEF and Lookout says that the spyware campaign relies on fake version of messaging apps like Signal, WhatsApp and then steals data.
“People in the US, Canada, Germany, Lebanon, and France have been hit by Dark Caracal. Targets include military personnel, activists, journalists, and lawyers, and the types of stolen data range from call records and audio recordings to documents and photos,” EFF Director of Cybersecurity Eva Galperin said in a press statement. She added this was a “very large, global campaign, focused on mobile devices.”
According to the report, these “trojanized apps”, which include fake versions of Signal and WhatsApp, appear to be just like the legitimate app and can send and receive messages. But the fake apps allowed attackers “to take photos, retrieve location information, capture audio, and more.” According to the EFF and Lookout, Dark Caracal may have been deployed by a nation-state actor. The report says Dark Caracal has been traced to a building belonging to the Lebanese General Security Directorate in Beirut.
“Dark Caracal is part of a trend we’ve seen mounting over the past year whereby traditional APT actors are moving toward using mobile as a primary target platform. The Android threat we identified, as used by Dark Caracal, is one of the first globally active mobile APTs we have spoken publicly about,” Mike Murray, Vice President of Security Intelligence at Lookout said in a press statement.
Dark Caracal appears to have been active for sometime. The researchers have pointed out that the spyware campaign has been operating since at least 2012, but it has been hard to track because of other, seemingly unrelated espionage campaigns originating from the same domain names. They also believe Dark Caracal is just one from a number of different global attackers using this very same infrastructure.
The other worrying feature about Dark Caracal is that it does not require any sophisticated equipment or expensive exploit to be carried out. Given that the hackers are relying on fake version of messaging apps, they could easily get permissions to access data, camera, speaker, etc on the phone. This is because users tend to grant these to all messaging apps in order to use many of the features.
Lookout also says they worked directly with the Google Android Security Team to fix the threat on the platform and the “team was highly responsive and worked to find the malicious apps and protect customers.” Once again, when downloading apps, customers should keep in mind that they are doing this from the official Play Store, and not third-party store apps. Also it is best to check the official developer before downloading the app, in order to avoid fake apps, malware or spyware.

Comments

Post a Comment

Popular posts from this blog

Ukraine crisis: Exchange of hundreds of prisoners takes place

Ukrainian President Petro Poroshenko attends a ceremony to welcome prisoners of war (POWs), released after the exchange with pro-Russian separatists, upon their arrival at an airport in Kharkiv, Ukraine December 27, 2017. (Source: Reuters)  Ukraine and separatist rebels in the east of the country have exchanged hundreds of prisoners, in one of the biggest swaps since the conflict began in 2014. Around 230 people were sent to rebel-held areas in return for 74 prisoners who had been held by pro-Russia rebels in the Donetsk and Luhansk regions, BBC reported on Wednesday. It was the first swap in 15 months. The release and exchange of prisoners was one of the points in the Minsk peace agreement, signed in 2015. The deal has stalled since and analysts say the swap does not signify wider progress. Both sides continue to hold other prisoners. The number of prisoners swapped was lower than initially announced after dozens of people who were meant to be returned to rebel-held terr...
Post a Comment
Read more

As many as 12 killed in New York’s deadliest fire in decades

More than 160 firefighters helped bring the blaze under control. (Source: Fire Department New York/Twitter) A massive fire ignited accidentally by a three-year-old boy swept through a five-story apartment building in New York, killing at least 12 people including a toddler and injuring four others in the deadliest blaze to hit the city in decades. The fire broke out around 6:50 pm (local time) yesterday on the first floor of the Prospect Avenue apartment in the Bronx borough of the city and spread quickly, officials said, adding that the cause of the blaze is under investigation. “We found that this fire started in a kitchen on the first floor,” fire commissioner Daniel Nigro said. “It started from a young boy, three and a half years old, playing with the burners on the stove. The fire got started, the mother was not aware of it – she was alerted by the young man screaming.” The boy’s mother fled with her two children, leaving the door to the apartment open – allowing t...
Post a Comment
Read more

Over 1 lakh illegal immigrants arrested in US in 2017

On January 25, Trump issued an executive order to set forth the Administration’s immigration enforcement and removal priorities. (Representational Image) The US authorities have arrested 143,470 illegal immigrants this year, according to a latest report. US Immigration and Customs Enforcement said in its annual report that it has made 143,470 administrative arrests in fiscal year 2017, increasing 30 per cent Year-on-Year, Xinhua news agency reported on Wednesday. An administrative arrest is the arrest of an alien for a civil violation of the immigration laws, which is subsequently adjudicated by an immigration judge or through other administrative processes. Of the total arrests, 110,568 occurred after January 20, which is a 42 per cent increase over the same time period last year, according to the report. US President Donald Trump took the oath of office on January 20 this year. On January 25, Trump issued an executive order to set forth the Administration’s immigrat...
Post a Comment
Read more