Malware & Threats

New Variants of ‘Old’ Symbian Mobile Spyware Emerge

According to a recent advisory, a new variant of spyware “Spy.Felxispy” targeting Symbian devices has recently been identified by the National Computer Virus Emergency Response Centre of China. According to NetQin, more than a dozen variants of the spyware have emerged since the first was spotted, and the latest has affected 150,000+ devices. Note that Spy.Felxispy is NOT new malware, these are variants of it. The malware is also sometimes know as “Trojan-Spy:SymbOS/Flexispy.A” as identified by security firm F-Secure and others, and has been floating around since 2006.

SecurityWeek News

February 23, 2011

According to NetQin, the cybercriminals usually install the spyware on the phone by sending an MMS containing the spyware to users to lure them to click.

Once installed, the spyware will turn on the Conference Call feature of the device without users’ awareness. When users are making phone calls, the spyware automatically adds itself to the call to monitor the conversation. Additionally, the Spy.Felxispy mobile malware can remotely turn on the speaker on the phone to monitor sounds around users without the users’ awareness. Apart from that, the spyware is also capable of synchronizing the messages the user received and delivered to the monitoring phone, compromising users’ privacy.

Written By SecurityWeek News

Latest News

Click to comment

Dealing With the Carcinization of Security

Varied viewpoints as related security concepts take on similar traits create substantial confusion among security teams trying to evaluate and purchase security technologies.

Marc Solomon

Stop, Collaborate and Listen: Disrupting Cybercrime Networks Requires Private-Public Cooperation

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Derek Manky

How the Atomized Network Changed Enterprise Protection

Our networks have become atomized which, for starters, means they’re highly dispersed. Not just in terms of the infrastructure – legacy, on-premises, hybrid, multi-cloud, and edge.

Matt Wilson

Mapping Threat Intelligence to the NIST Compliance Framework Part 2

How threat intelligence is critical when justifying budget for GRC personnel, and for threat intelligence, incident response, security operations and CISO buyers.

Landon Winkelvoss

Password Dependency: How to Break the Cycle

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the password dependency cycle. But how can this be done?

Torsten George

Malware & Threats

Microsoft Office to Block XLL Add-ins From Internet

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Ionut ArghireJanuary 24, 2023

Apple patches exploited vulnerability in old iPhones

Mobile & Wireless

Apple Patches WebKit Code Execution in iPhones, MacBooks

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Ryan NaraineJanuary 23, 2023

Mobile & Wireless

Arm Vulnerability Leads to Code Execution, Root on Pixel 6 Phones

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Ionut ArghireJanuary 24, 2023

Mobile & Wireless

Apple Patches Exploited iOS Vulnerability in Old iPhones

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Eduard KovacsJanuary 24, 2023

Cybercrime

US Government Agencies Warn of Malicious Use of Remote Management Software

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Ionut ArghireJanuary 26, 2023

Mobile & Wireless

Samsung Galaxy Store Flaws Can Lead to Unwanted App Installations, Code Execution

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Ionut ArghireJanuary 23, 2023

Cybercrime

Chinese Hackers Adopting Open Source ‘SparkRAT’ Tool

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Ionut ArghireJanuary 26, 2023

Cybercrime

Comodo Forums Hacked via Recently Disclosed vBulletin Vulnerability

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Eduard KovacsOctober 1, 2019

SECURITYWEEK NETWORK:

Security Experts:

More from SecurityWeek News

Latest News

Trending

Expert Insights

Dealing With the Carcinization of Security

Stop, Collaborate and Listen: Disrupting Cybercrime Networks Requires Private-Public Cooperation

How the Atomized Network Changed Enterprise Protection

Mapping Threat Intelligence to the NIST Compliance Framework Part 2

Password Dependency: How to Break the Cycle

Latest News

Cybercrime

Zendesk Hacked After Employees Fall for Phishing Attack

Cybercrime

Malicious Prompt Engineering With ChatGPT

Cyberwarfare

Cyberattacks Target Websites of German Airports, Admin

Data Breaches

GoTo Says Hackers Stole Encrypted Backups, MFA Settings

Network Security

NSA Publishes Security Guidance for Organizations Transitioning to IPv6

Related Content

Malware & Threats

Microsoft Office to Block XLL Add-ins From Internet

Mobile & Wireless

Apple Patches WebKit Code Execution in iPhones, MacBooks

Mobile & Wireless

Arm Vulnerability Leads to Code Execution, Root on Pixel 6 Phones

Mobile & Wireless

Apple Patches Exploited iOS Vulnerability in Old iPhones

Cybercrime

US Government Agencies Warn of Malicious Use of Remote Management Software

Mobile & Wireless

Samsung Galaxy Store Flaws Can Lead to Unwanted App Installations, Code Execution

Cybercrime

Chinese Hackers Adopting Open Source ‘SparkRAT’ Tool

Cybercrime

Comodo Forums Hacked via Recently Disclosed vBulletin Vulnerability