The infamous Pegasus spyware is back in the headline for targeting top EU officials. A tool developed by Israeli surveillance firm NSO Group, Pegasus was also held responsible for spying on 30 activists, academics, lawyers, and NGO workers in Thailand. While investigations are ongoing to understand the scope of recent attacks by the spyware, several other new attacks distributing various spyware have come to the light of researchers.
Subzero - A spyware similar to Pegasus discovered
Microsoft has linked a series of cyberattacks to a threat actor, dubbed Knotweed, that distributed Subzero spyware.
These attacks exploited several Windows and Adobe zero-day vulnerabilities to target organizations in Europe and Central America.
According to researchers, Subzero is similar to Pegasus in functionality and allows attackers to remotely and silently break into a victim’s computer, phone, network infrastructure, and IoT devices.
Predator spyware exploits Apple devices
In a fresh report published out of Greece, it has been revealed that a spyware named Predator was used to eavesdrop on a Greek lawmaker.
The spyware, developed by Cytrox, is capable of launching sophisticated exploits on Apple’s iOS devices.
Predator was launched via a smishing attack in which the recipient was prompted to click on a URL to unveil the surprise.
Although the attempted hack was averted successfully, it came to notice only after the discovery of the European parliament spyware infection.
DevilsTongue spyware was also spotted
Just one week ago, Avast had reported about the DevilsTongue spyware targeting journalists in the Middle East.
Developed by Israeli surveillance firm Candiru, the spyware exploited a Chrome zero-day Cross-Site Scripting (XSS) vulnerability (CVE-2022-2294) to spread across multiple devices.
While the attack was primarily targeted at people in the Middle East, researchers claimed that several of these attacks were observed in Lebanon, Turkey, Yemen, and Palestine.
In one case, the threat actors conducted a watering hole attack by compromising a website used by employees of a news agency.
The compromised website contained artifacts associated with the attempts to abuse the XSS flaw.
Threats from spyware loom large across the globe. Therefore, organizations must be aware of the attack vectors, including phishing emails and exploitation of known vulnerabilities. By taking appropriate security measures and leveraging threat intelligence insights, organizations can prevent these attacks.