ESET researchers have discovered that the attackers have been distributing the Plead malware via compromised routers and man-in-the-middle attacks against the legitimate ASUS WebStorage software. In July 2018 we discovered that the Plead backdoor was digitally signed by a code-signing certificate that was issued to D-Link Corporation. Recently we detected a new activity involving the same malware … More Plead malware distributed via MitM attacks at router level, misusing ASUS WebStorage
FinFisher, also known as FinSpy, has a history of being used in surveillance campaigns, both against legitimate targets and against political opposition in some countries. Despite that, the latest thorough analyses dealt with samples from as long ago as 2010. Since then, the FinFisher spyware received strong anti-analysis measures; apparently, this is also the reason why the … More ESET’s guide makes it possible to peek into FinFisher
New surveillance campaigns utilising FinFisher, infamous spyware known also as FinSpy and sold to governments and their agencies worldwide, are in the wild. Besides featuring technical improvements, some of these variants have been using a cunning, previously-unseen infection vector with strong indicators of major internet service provider (ISP) involvement. FinFisher has extensive spying capabilities, such as … More New FinFisher surveillance campaigns: Are internet providers involved?
We read that “FinFisher spyware made by U.K.-based Gamma Group can take control of a range of mobile devices, including Apple Inc.’s iPhone and Research in Motion Ltd.’s BlackBerry…”, at the opening of a Bloomberg article that several readers of the ESET blog sent us yesterday, along with a number of questions that boil down … More FinSpy and FinFisher spy on you via your cellphone and PC