The infamous Pegasus spyware is back in the headlines for targeting top EU officials. A tool developed by Israeli surveillance firm NSO Group, Pegasus was also held responsible for spying on 30 activists, academics, lawyers, and NGO workers in Thailand. While investigations are ongoing to understand the scope of recent attacks by the spyware, researchers have uncovered several other new attacks distributing various spyware.

Subzero - A spyware similar to Pegasus discovered

  • Microsoft has linked a series of cyberattacks to a threat actor, dubbed Knotweed, that distributed Subzero spyware.
  • These attacks exploited several Windows and Adobe zero-day vulnerabilities to target organizations in Europe and Central America.
  • According to researchers, Subzero is similar to Pegasus in functionality and allows attackers to remotely and silently break into a victim’s computer, phone, network infrastructure, and IoT devices.

Predator spyware exploits Apple devices

  • A recent report out of Greece revealed that a spyware named Predator was used to eavesdrop on a Greek lawmaker.
  • The spyware, developed by Cytrox, is capable of launching sophisticated exploits on Apple’s iOS devices.
  • Predator was delivered via a smishing attack in which the recipient was prompted to click on a URL to unveil a surprise.
  • Although the attempted hack was averted successfully, it came to light only after the discovery of the European Parliament spyware infection.

DevilsTongue spyware was also spotted

  • Just one week ago, Avast reported on the DevilsTongue spyware targeting journalists in the Middle East.
  • Developed by Israeli surveillance firm Candiru, the spyware exploited a Chrome zero-day Cross-Site Scripting (XSS) vulnerability (CVE-2022-2294) to spread across multiple devices.
  • While the attack was primarily targeted at people in the Middle East, researchers claimed that several of these attacks were observed in Lebanon, Turkey, Yemen, and Palestine.
  • In one case, the threat actors conducted a watering hole attack by compromising a website used by employees of a news agency.
  • The compromised website contained artifacts associated with the attempts to abuse the XSS flaw.

Conclusion

Threats from spyware loom large across the globe. Therefore, organizations must be aware of the attack vectors, including phishing emails and exploitation of known vulnerabilities. By taking appropriate security measures and leveraging threat intelligence insights, organizations can prevent these attacks.
Cyware Publisher
