• CERTIFICATE
    • Eminent CIOs of India
    • Most Trusted Companies
    • Most Admired Brands
    • The most influential CMOs
  • SYNDICATION
    • AMD
    • DELL TECHNOLOGIES
    • HITACHI
    • LOGMEIN
    • MICROSOFT
    • RIVERBED
    • STORAGECRAFT
    • THALES
  • EVENTS
  • GO DIGITAL
  • INFOGRAPHICS
  • PRESS
    • Press Release PR News Wire
    • Press Release Business Wire
    • GlobeNewsWire
  • SPECIAL
    • WHITE PAPER
    • TECHNOMANIA
    • SME
    • SMART CITY
    • SERVICES
    • EDITOR SPEAK
    • CSR INITIATIVES
    • CHANNEL GURU
    • CHANNEL CHIEF
    • CASE STUDY
  • TECHTREND
    • VAR PANCHAYAT
    • TELECOM
    • SOFTWARE
    • POWER
    • PERIPHERALS
    • NETWORKING
    • LTE
    • CHANNEL BUZZ
    • ASK AN EXPERT
  • SUBSCRIBE
  • Apps
  • Game
  • KDS
  • Security
  • Telecom
  • WFH
  • Subscriber to Newsletter
  • August Issue
  • Blogs
  • Vlogs
  • Faceoff
SNA

HOME
NEWS

One-Click Away On Your iOS and Android Phones With Just One WhatsApp Click

One-Click Away On Your iOS and Android Phones With Just One WhatsApp Click

A modern and highly sophisticated malware campaign targets a Tibetan groups to exploit and install spyware , permanent tracker installed on their mobile (iPhone and Android devices). The spyware is delivered through WhatsApp message, all user need to do is a single click on the link within the WhatsApp text, researchers claimed.

 

According to Canadian researchers the POISON CARP employees “eight Android browser exploits and one Android spyware kit, as well as one iOS exploit chain and iOS spyware.”

 

It’s being labeled the most sophisticated attack on Tibetans yet, after attempts were made to steal WhatsApp and Facebook chats as well as locations with some novel techniques. Forbes reported.

 

The hackers, believed to be sponsored by the Chinese government, have been dubbed Poison Carp by Citizen Lab, a group of surveillance-tracking researchers at the University of Toronto. The crew lured targets to open messages by pretending to be journalists or charity workers.

 

The Canadian researchers found technical links between Poison Carp and the group revealed to be targeting the iPhones and Android devices of Uighurs by Google Project Zero and Volexity in August. In particular, the same iPhone malware was used in both sets of attacks, while a website used to launch malicious code at Androids was the same.

 

None of those vulnerabilities were new, though in one case, the attackers tried to exploit a Google Chrome bug whose patch had not yet been deployed to users. Otherwise, anyone who was running an up-to-date Android or iOS at the time should’ve been protected from infection. But for those who didn’t update and were successfully hacked, their WhatsApp and Facebook messages, location, contacts, call and text histories, and Gmail emails could’ve been sent back to the snoops.

 

Each and everyday cyber attacks are evolving and Social Engineering plays a significant role in this campaign, the threat actor engaged in active conversation to infect the targets and to install the spyware on their device.

 

According to Bitly stats as of September 6, 2019, 140 clicks on the iOS exploits and the exploit chain designed targeting iOS versions 11 – 11.4. The exploit chain was reported to Apple security who confirmed both the browser and privilege escalation exploits and it was patched with iOS 11.4.1 in July 2018.as per the report from gbhackers.

 

The malware collection application data such as location data, contacts, call history, SMS history, and the following device information.

 

The Android Exploit dubbed MOONSHINE, like the iOS exploit it too delivered through WhatsApp, if the targets open the links via Chrome-based Android browser, it asks users to open the link via Facebook app’s built-in Chrome-based web browser.

See What’s Next in Tech With the Fast Forward Newsletter

SECURITY
View All
Quick Heal, SEQRITE and Tata Tele Business Services together to offer cybersecurity solutions to Enterprise customers
Technology

Quick Heal, SEQRITE and Tata Tele Business Services together to offer cybersecurity solutions to Enterprise customers

by VARINDIA 2023-09-22
Sophos outperforms in MITRE Engenuity ATT&CK Evaluations
Technology

Sophos outperforms in MITRE Engenuity ATT&CK Evaluations

by VARINDIA 2023-09-21
Cisco announces Secure Application, offers expanded visibility and intelligent business risk insights
Technology

Cisco announces Secure Application, offers expanded visibility and intelligent business risk insights

by VARINDIA 2023-09-15
SOFTWARE
View All
Elastic launches AI Assistant for Observability, general availability of Universal Profiling
Technology

Elastic launches AI Assistant for Observability, general availability of Universal Profiling

by VARINDIA 2023-09-21
Red Hat together with Intel to deliver Open Source Industrial Automation
Technology

Red Hat together with Intel to deliver Open Source Industrial Automation

by VARINDIA 2023-09-21
Dell intros latest generation of VxRail
Technology

Dell intros latest generation of VxRail

by VARINDIA 2023-09-20
START - UP
View All
Datacultr expands its reach to LATAM and Africa Regions
Technology

Datacultr expands its reach to LATAM and Africa Regions

by VARINDIA 2023-09-05
Indium Software Recognized as One of America's Fastest-Growing Technology Companies
Technology

Indium Software Recognized as One of America's Fastest-Growing Technology Companies

by VARINDIA 2023-08-21
HC dismisses Indian startups plea against Google's billing policy
Technology

HC dismisses Indian startups plea against Google's billing policy

by VARINDIA 2023-08-05

Tweets From @varindiamag

Nothing to see here - yet

When they Tweet, their Tweets will show up here.

CIO - SPEAK
Automation has the potential to greatly improve efficiency and production

Automation has the potential to greatly improve efficiency and production

by VARINDIA
Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

by VARINDIA
Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

by VARINDIA
Start-Up and Unicorn Ecosystem
Accenture Invests in Writer to Accelerate Enterprise Use of Generative AI

Accenture Invests in Writer to Accelerate Enterprise Use of Generative AI

by VARINDIA
VIAVI wins funding for three projects in DSIT ONE competition

VIAVI wins funding for three projects in DSIT ONE competition

by VARINDIA
Comviva partners with XoXoday to revolutionize loyalty experiences

Comviva partners with XoXoday to revolutionize loyalty experiences

by VARINDIA
ManageEngine Named a Challenger in the 2023 Gartner® Magic Quadrant™ for PAM

ManageEngine Named a Challenger in the 2023 Gartner® Magic Quadrant™ for PAM

by VARINDIA
Standard Chartered Bank teams up with Cummins Technologies to digitalise incentive payments to mechanics

Standard Chartered Bank teams up with Cummins Technologies to digitalise incentive payments to mechanics

by VARINDIA
Genesys and Salesforce announce AI-powered customer experience solution

Genesys and Salesforce announce AI-powered customer experience solution

by VARINDIA
GIGABYTE rolls out two White Motherboards

GIGABYTE rolls out two White Motherboards

by VARINDIA
HCLTech to help Elders in its next phase of digital transformation

HCLTech to help Elders in its next phase of digital transformation

by VARINDIA
Tech Mahindra announces generative AI powered Ops amplifAIer for IT support engineers

Tech Mahindra announces generative AI powered Ops amplifAIer for IT support engineers

by VARINDIA
Apollo Hospitals partners with Google Cloud to boost India’s healthcare ecosystem

Apollo Hospitals partners with Google Cloud to boost India’s healthcare ecosystem

by VARINDIA
×

Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.

  • Distributors & VADs
  • Industry Associations
  • Telco's in India
  • Indian Global Leaders
  • Edit Calendar
  • About Us
  • Advertise Us
  • Contact Us
  • Disclaimer
  • Privacy Statement
  • Sitemap

Copyright varindia.com @1999-2023 - All rights reserved.