LightSpy Spyware Campaign Targets iPhones Across South Asia

Security researchers have uncovered a new cyber espionage campaign primarily targeting iPhone users in South Asia. Find out more about the spyware implant and the risk it poses to Apple devices.

April 16, 2024

Apple iOS Security
  • iPhone users across South Asian countries face a new spyware campaign that delivers an implant called LightSpy.
  • The spyware implant, which is usually distributed through compromised websites and watering hole attacks, creates an advanced backdoor in iOS.

Cybersecurity researchers have found that iPhone users in South Asian countries are being targeted by a cyber espionage campaign aiming to deliver a spyware implant called LightSpy to iOS devices. Kaspersky and Trend Micro previously noticed a LightSpy campaign in 2020, with the spyware being primarily distributed through watering hole attacks and compromised websites.

According to a report by cybersecurity researchers from the BlackBerry Threat Research and Intelligence Team, the latest version of the LightSpy campaign uses a modular framework with sophisticated spying capabilities. LightSpy uses certificate pinning to prevent interception and detection of its communication with its command and control servers.

The campaign has largely targeted iPhone users in India, although there have been several reports from Sri Lanka, Afghanistan, Pakistan, Bangladesh, Nepal, Bhutan, Maldives, and Iran.

According to the report, the attack is suspected to have been conducted by Chinese hackers owing to its functionality and infrastructure similarities to DragonEgg spyware, which has been linked to APT41, a Chinese nation-state hacker group. The report states that LightSpy can extract sensitive information such as location data, sound recordings, contacts, SMS messages, and data from apps such as Telegram and WeChat.

The re-emergence of LightSpy spyware implants highlights the growing threat of mobile espionage campaigns. The campaign follows the recent mercenary spyware attacks that impacted iPhone users in 92 countries, and it makes Apple’s security updates all the more important.


Anuj Mudaliar
Anuj Mudaliar is a content development professional with a keen interest in emerging technologies, particularly advances in AI. As a tech editor for Spiceworks, Anuj covers many topics, including cloud, cybersecurity, emerging tech innovation, AI, and hardware. When not at work, he spends his time outdoors - trekking, camping, and stargazing. He is also interested in cooking and experiencing cuisine from around the world.