- cross-posted to:
- westsahara
- cross-posted to:
- westsahara
New mobile malware masquerading as a news app has been spotted targeting human rights activists associated with the Sahrawi Arab Democratic Republic (SADR), a partially recognized state in the western part of the Sahara desert.
Researchers at Cisco Talos and the Yahoo Advanced Cyber Threats Team uncovered the malicious Android mobile app, which pretends to be a variant of the Sahara Press Service app, run by a media agency associated with SADR.
In a spying campaign that Talos believes began this January and appears to be in its nascent stages, the custom-built app has been distributed via spearphishing emails sent to human rights activists in Morocco and SADR, also known as the Western Sahara.
Talos assessed that the app and surveillance infrastructure for the campaign were custom-made, suggesting “a heavy focus on stealth and conducting activities under the radar.” The app itself displays legitimate news content from the press service, but also allows the attackers to steal information from the target’s Android device and execute arbitrary code.