Experts uncover Kaspersky on new versions of the monitoring tool the software advanced malware FinSpy. And these versions that are cultivated in the systems of iOS andAndroidto monitor the activity present on almost all services, common messaging, including services encrypted, and to improve a way to hide its effects. And tools an attacker to spy on all activities of the device and to obtain sensitive data such as geolocation coordinates, messages, photos, calls, etc.
The FinSpy software tool for effective control-oriented activity is observed in the theft of information from international organizations, NGOs, government organizations and security in all parts of the world, and operators of air conditioning, the behavior of each process is subversive to achieve a particular goal or set of goals.
It includes the basic functions of this tool to monitor a virtually unlimited activities of the target device, such as to determine its geographical location, has access to all incoming and outgoing messages, contacts and media stored on the device, the data service common messaging such as WhatsApp, Facebook Messenger Viber. All data is transferred withdrawn from the device to the attacker through SMS messages or through HTTP protocol.
The latest known versions of malicious software this to expand the scope of surveillance to include the services of a reporter considered “safe”, such as the Telegram and signal وThreema, as they are more adept at covering their tracks. Became like Can software the target device a working version 11 and older versions of the iOS operating system, to hide the signs of “jailbreaking” or what is known as Jailbreak, while the new version targeting system Android on the property to exploit is able to get the privilege of unlimited access almost to files core existing in the root system, and full access to all the files and code, on any device with a closed system Root.
And it needs the attackers to either possession of the phone, personally, or attack the device was broken the bathroom (in iOS) or unlock root (Android), based on the information available for Kaspersky. There are at least three vectors, the potential to infect phones broken bathroom or open the root, include SMS, email or notifications.
Related topics what you read now:
And, according to Kaspersky, the injury of several tens of mobile devices over the past year this tool malware.
Said Alexey Virchow expert and security researcher have Kaspersky, the developers of the tool FinSpy malicious software are constantly watching updates security operating systems mobile devices and are keen to change the software tool quickly to avoid prevented by those updates, and added: “Follow the vandals expectations and carry out functions to pull data from apps popular usage, the implementation of see day injuries to the victims of this tool, so it should follow the new updates for operational and installed as soon as it is released, because just opening the root of the phone or jailbreak it, it becomes wide open to regardless of the level of security of the applications used on them and how to protect the data stored on it”.
Advised researchers Kaspersky users the following measures to avoid falling victim to tool malicious FinSpy:
- Avoid leaving your smartphone or tablet to open and hide the PIN from others when entering it on the device.
- Avoid breaking protection device or unlock root because this will facilitate the task of the attackers.
- War on download mobile apps from app stores official only, like the Google Play Store.
- Do not click on suspicious links sent from contacts anonymous.
- Block the installation of software from unknown sources through the device settings.
- Avoid disclosure of passwords or PIN code for your device mobile, even with people trusted.
- Avoid storing files or unknown applications on your device, because it may harm your privacy
- Download a security solution is reliable and private with mobile devices, such as Kaspersky Internet Security for Android.
You can see the full report on Securelist.com
Software FinSpy malware strikes again in new versions control systems-iOS and Android