A new version of FinSpy spyware has been discovered by security researchers recently. The malicious surveillance tool has evolved to work on both iOS and Android devices, including the capability to monitor activities on almost all popular messaging services.
What are the spyware's capabilities?
Discovered by security researchers from Kaspersky, the latest version of the FinSpy spyware comes with additional surveillance functionalities. This spyware variant is capable of eavesdropping on calls and messages sent via secure messaging services like Signal, Telegram, Threema, WhatsApp, Facebook Messenger, Viber and more.
Among its other capabilities, this new version of FinSpy can now hide signs of jailbreak on Apple phones (using iOS 11 and older versions). In Android, the malware can allow attackers to gain root privileges.
How can FinSpy infect iOS and Android devices?
Based on the information from Kaspersky, attackers need to have physical access in order to infect both Android and iOS devices. This becomes simpler if attackers get access to already jailbroken or rooted device. This can be achieved via phishing through SMS messages, emails, or push notifications.
Kaspersky predicts that the malware variant has infected several dozen mobile devices over the past year. The creators of FinSpy are constantly monitoring security updates for mobile platforms in order to modify the malicious operations of the spyware.
"We observe victims of the FinSpy implants on a daily basis, so it’s worth keeping an eye on the latest platform updates and install them as soon as they are released. Regardless of how secure the apps you use might be, and how protected your data, once the phone is rooted or jailbroken, it is wide open to spying,” wrote the researchers from Kaspersky.