Researchers: Syrian Electronic Army targeting secure messaging app users with spyware

News by Bradley Barth

The Syrian Electronic Army hacker group has reportedly been investing heavily in a scheme to infect Android device users with a spyware tool hidden inside fake app updates.

The Syrian Electronic Army hacker group has reportedly been investing heavily in a scheme to infect Android device users with a spyware tool hidden inside fake app updates.

Known for its ardent support of Syrian President Bashar al-Assad, the threat group is targeting in particular users of secure messaging apps such as WhatsApp and Telegram. The SEA is spreading malicious updates for these apps through a combination of watering hole websites and phishing emails, according to a report from Forbes, citing researchers at Lookout who presented their findings at the Black Hat conference in London this week.

These fake updates contain a spyware program called SilverHawk that dates back to 2016, the report continues. If a user accepts the fake update’s permissions, the spyware gains admin-level access and is able to access data, files and contacts, as well as operate the device’s microphone and camera.

This article was originally published on SC Media US.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events