Researchers have uncovered two new Android spyware campaigns, ProSpy and ToSpy, that use fake app upgrades and impersonation websites to steal sensitive user data. These campaigns target users in the UAE and deploy stealthy, persistent malware with sophisticated data exfiltration techniques. #ProSpy #ToSpy #UAE #AndroidSpyware #SignalFakePlugins
Keypoints
- ProSpy and ToSpy campaigns utilize fake upgrade websites mimicking official messaging apps.
- The spyware targets Android users in the United Arab Emirates by disguising malicious files as legitimate plugins and apps.
- Malware requests access to contacts, SMS, files, and device information to exfiltrate sensitive data.
- The campaigns have been active since at least 2022, with ongoing command-and-control infrastructure.
- Use of multiple persistence mechanisms helps the spyware maintain long-term access on infected devices.