Brother
Professional
- Messages
- 2,590
- Reaction score
- 539
- Points
- 113
The FinSpy implant for iOS can hide jailbreak traces, and the Android version contains an exploit to obtain superuser rights.
Kaspersky Lab has discovered a new version of FinSpy spyware that can track all user actions on a mobile device. The malware collects information from messengers that use encryption, such as Telegram, WhatsApp, Signal and Threema. The FinSpy implant for iOS can hide the traces of a jailbreak, and the Android version contains an exploit to obtain superuser rights and execute commands on a non-jailbroken device.
Installing malware requires physical access to the device or the ability to infect via SMS, email, or push notification if the device has been jailbroken or is running an outdated version of Android. FinSpy is actively used in targeted espionage, since an attacker can monitor the entire operation of the device. The attacker gains access to contacts, emails, SMS, calendar entries, GPS data, photos, saved files, voice calls and data from instant messengers, according to a detailed report.
The creators of FinSpy are constantly monitoring new ways to protect mobile devices and promptly update their program. They also identify the most popular applications among potential victims for more successful information gathering.
Users are advised not to leave mobile devices unlocked, not to tell anyone their password for it, to install programs only from official app stores, not to follow suspicious links from unknown numbers, to block the ability to install programs from unknown sources, to regularly check and immediately remove unknown applications, and also install reliable antivirus software.
