Cybersecurity News

Meta warns of increasing spyware attacks targeting IOS, Windows, and Android

Meta – the company behind networking giants WhatsApp, Facebook, and Instagram – are warning of firms selling spyware targeting IOS, Android, and Windows devices.

Meta Platforms has taken decisive action against malicious activity originating from eight different firms based in Italy, Spain, and the United Arab Emirates (U.A.E.) operating within the surveillance-for-hire industry. These measures were detailed in the Adversarial Threat Report for the fourth quarter of 2023. The spyware, which targeted iOS, Android, and Windows devices, was found to possess various capabilities, including collecting device information, accessing location data, and enabling microphone, camera, and screenshot functionality.

I covered what spyware was within my guide to the 14 types of the most common malware attacks.

The implicated companies, including Cy4Gate/ELT Group, RCS Labs, IPS Intelligence, Variston IT, TrueL IT, Protect Electronic Systems, Negg Group, and Mollitiam Industries, engaged in a range of activities such as scraping, social engineering, and phishing across multiple platforms including Facebook, Instagram, X (formerly Twitter), YouTube, and others.

For instance, fictitious personas linked to RCS Labs, owned by Cy4Gate, were involved in tricking users into providing personal information and clicking on malicious links. Similarly, Facebook and Instagram accounts associated with Variston IT, a Spanish vendor, were removed for exploit development and testing purposes.

In addition, Meta identified accounts used by Negg Group to test spyware delivery and by Mollitiam Industries, a Spanish firm offering data collection services targeting various operating systems. Moreover, Meta took action against coordinated inauthentic behaviour originating from China, Myanmar, and Ukraine, removing over 2,000 accounts, Pages, and Groups from its platforms.

As part of countermeasures, Meta introduced new features such as Control Flow Integrity (CFI) on Messenger for Android and VoIP memory isolation for WhatsApp to enhance security. However, despite efforts to mitigate surveillance threats, the industry continues to evolve, as demonstrated by the recent discoveries of surveillance tools like Patternz and the MMS Fingerprint attack.

Patternz, revealed by 404 Media and ICCL, leverages real-time bidding (RTB) advertising data from popular apps to track mobile devices, while the MMS Fingerprint attack, uncovered by Enea, suggests potential exploitation of a mobile network vulnerability by the NSO Group. Though no evidence of recent exploitation exists, these revelations underscore ongoing challenges in combating surveillance threats and the importance of continued vigilance and innovation in cybersecurity.

How can I protect myself from Spyware?

To protect yourself from spyware, it’s essential to maintain a proactive approach to cybersecurity. Start by regularly updating all your devices’ operating systems, applications, and web browsers. These updates often include patches for security vulnerabilities that could be exploited by spyware.

Exercise caution when clicking on links in emails, text messages, or social media posts, particularly if they come from unfamiliar or suspicious sources. These links could lead to malicious websites designed to distribute spyware onto your device.

Additionally, be vigilant about the software you download and install. Stick to reputable sources such as official app stores or trusted websites when downloading applications or software. Avoid downloading apps or files from unverified sources, as they may contain hidden spyware or malware.

Consider installing reputable antivirus and antispyware software on all your devices. These programs can help detect and remove spyware infections, as well as provide real-time protection against new threats.

Regularly review the permissions granted to applications on your devices. Some apps may request access to sensitive information or device features that they don’t need to function properly. Limit the permissions granted to apps to minimise the risk of unauthorised access to your data.

Lastly, practice good cybersecurity hygiene by creating strong, unique passwords for your accounts and enabling two-factor authentication whenever possible. Be mindful of the information you share online and avoid posting sensitive or personal details on public forums or social media platforms. By staying vigilant and following these best practices, you can help protect yourself from spyware threats.

Hey! Can we make it official? 😘

I would love to share my latest ethical hacking, defensive security, OSINT, and anonymity guides with you. But I’ll need you to trust me with something… your email address. I promise not to spam you, and you can count on me to keep your data safe πŸ˜‡

Related Hacking Guides

Fifteen Steps to maximising firefox privacy πŸ”’βœ…

Download the complete FireFox checklist that I give to my counter-surveillance clients – completely free of charge! I will take you step-by-step through advanced Firefox Configurations that will help you maximise your privacy, security and anonymity.Β 

Enter your details below and I will email it to you straight away. And don’t worry, your data is safe with me πŸ˜‡

Access free subscriber only content 😘

I would love to share my latest ethical hacking, defensive security, OSINT, and anonymity guides with you. But I’ll need you to trust me with something… your email address. Your data will be encrypted and I will never sell it to third parties πŸ˜‡

UK Cybersecurity Company

About Aitken Security

Aitken Security is a UK Cybersecurity Company specialising in offensive and defensive security.