Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
Editorials & Other Articles
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
Advanced mobile surveillanceware, made in Russia, found in the wild
https://arstechnica.com/information-technology/2019/07/advanced-mobile-surveillanceware-made-in-russia-found-in-the-wild/Researchers have discovered some of the most advanced and full-featured mobile surveillanceware ever seen. Dubbed Monokle and used in the wild since at least March 2016, the Android-based application was developed by a Russian defense contractor that was sanctioned in 2016 for helping that countrys Main Intelligence Directorate meddle in the 2016 US presidential election.
Monokle uses several novel tools, including the ability to modify the Android trusted-certificate store and a command-and-control network that can communicate over Internet TCP ports, email, text messages, or phone calls. The result: Monokle provides a host of surveillance capabilities that work even when an Internet connection is unavailable. According to a report published by Lookout, the mobile security provider that found Monokle is able to:
Retrieve calendar information including name of event, when and where it is taking place, and description
Perform man-in-the-middle attacks against HTTPS traffic and other types of TLS-protected communications
Collect account information and retrieve messages for WhatsApp, Instagram, VK, Skype, imo
Receive out-of-band messages via keywords (control phrases) delivered via SMS or from designated control phones
Send text messages to an attacker-specified number
Reset a users pincode
Record environmental audio (and specify high, medium, or low quality)
Make outgoing calls
Record calls
Interact with popular office applications to retrieve document text
Take photos, videos, and screenshots
Log passwords, including phone unlock PINs and key presses
Retrieve cryptographic salts to aid in obtaining PINs and passwords stored on the device
Accept commands from a set of specified phone numbers
Retrieve contacts, emails, call histories, browsing histories, accounts and corresponding passwords
Get device information including make, model, power levels, whether connections are over Wi-Fi or mobile data, and whether screen is on or off
Execute arbitrary shell commands, as root, if root access is available
Track device location
Get nearby cell tower info
List installed applications
Get nearby Wi-Fi details
Delete arbitrary files
Download attacker-specified files
Reboot a device
Uninstall itself and remove all traces from an infected phone
Commands in some of the Monokle samples Lookout researchers analyzed lead them to believe that there may be versions of Monokle developed for devices running Apples iOS. Unused in the Android samples, the commands were likely added unintentionally. The commands controlled iOS functions for the keychain, iCloud connections, Apple Watch accelerometer data, iOS permissions, and other iOS features or services. Lookout researchers didnt find any iOS samples, but they believe iOS versions may be under development. Monokle gets its name from a malware component a developer titled "monokle-agent."
----
More at link
InfoView thread info, including edit history
TrashPut this thread in your Trash Can (My DU » Trash Can)
BookmarkAdd this thread to your Bookmarks (My DU » Bookmarks)
1 replies, 1283 views
ShareGet links to this post and/or share on social media
AlertAlert this post for a rule violation
PowersThere are no powers you can use on this post
EditCannot edit other people's posts
ReplyReply to this post
EditCannot edit other people's posts
Rec (7)
ReplyReply to this post
1 replies
= new reply since forum marked as read
Highlight:
NoneDon't highlight anything
5 newestHighlight 5 most recent replies
Advanced mobile surveillanceware, made in Russia, found in the wild (Original Post)
Anon-C
Jul 2019
OP
Thekaspervote
(34,758 posts)1. Oh my!!! And what is anyone doing about it?