Cybersecurity researchers have uncovered new Android spyware campaigns, ProSpy and ToSpy, concealed within fake messaging apps targeting users in the United Arab Emirates. These campaigns utilize fake websites and app stores to install persistent spyware capable of stealing sensitive data, with ongoing operations linked to command-and-control servers. #ProSpy #ToSpy #ESET #UAE #AndroidSpyware
Keypoints
- Researchers found two Android spyware campaigns called ProSpy and ToSpy targeting UAE users.
- The spyware is embedded in fake messaging apps like Signal and ToTok, spread through fake websites and app stores.
- The malware allows attackers to steal data, contacts, chat backups, and media files.
- Fake websites, including a counterfeit Samsung Galaxy Store, are used to distribute the spyware manually.
- The ToSpy campaign is ongoing, with detections dating back to 2022, and ProSpy was discovered in 2024.
Read More: https://therecord.media/researchers-spyware-uae-infections