LightSpy Malware Now Targets Facebook & Instagram Data
Essential information
- Published
- 21/02/2025 15:28
- Modified
- 21/02/2025 16:00
- Tags
- 2025-02-21 command and control facebook infrastructure instagram lightspy malware plugins surveillance
- Related entities
- 27 observables, 12 techniques (mitre), 1 malware
Description
LightSpy, a modular surveillance framework, has expanded its capabilities to target Facebook and Instagram data. The malware, initially focused on mobile devices, now compromises Windows, macOS, Linux, and routers. Recent analysis reveals a significant expansion in its command list, with over 100 commands spanning multiple platforms. New Android commands specifically target Facebook and Instagram database files, potentially allowing attackers to collect private messages, contact lists, and account metadata. The infrastructure analysis uncovered previously unreported components, including a core version dated 2021-12-31. Windows plugins focus on keylogging, audio recording, video capture, and USB interaction. The exposure of admin panel authentication endpoints provides insights into the malware's operational framework.