Spyware isn’t going anywhere, and neither are its tactics [Thursday, February 08, 2024]

Description :
Recent public and private efforts aim to curb spyware use, but its tendrils remain deep. Spyware can track targets and steal personal data. Private companies sell it regardless of motive. The US and allies want to limit spyware globally, but current efforts seem aspirational. However, the US did restrict visas for spyware misuse. Many agree more action is needed. Spyware is embedded in ads, apps and the internet. To curb spyware, information sharing and detection are key. Talos found a new backdoor, Zardoor, used since 2021 in an espionage campaign. It evaded detection and exfiltrated data from a charity. More victims may exist. Talos released protections against it.

Published : 2024-02-08 21:00:24
Created : 2024-02-08 21:00:24
Modified : 2024-02-08 21:25:25

Indicators

Malware :
  • Zardoor
Hashes :
MITRE ATT&CK Techniques :
Other observables :
  • CVE-2024-23222
  • CVE-2024-21893
  • NGO

About the author
Julien B.