Negative
22Serious
Neutral
Optimistic
Positive
- Total News Sources
- 1
- Left
- 1
- Center
- 0
- Right
- 0
- Unrated
- 0
- Last Updated
- 14 days ago
- Bias Distribution
- 100% Left
North Korean KoSpy Malware Targets Google Play Users
Security researchers have uncovered the 'KoSpy' spyware, linked to North Korean hacking group APT37, infiltrating Google's Play Store and third-party APKPure with at least five malicious apps. Disguised as utility apps, KoSpy secretly collected sensitive data, such as SMS messages, call logs, and screenshots, and targeted English and Korean-speaking users. The spyware leveraged Firebase Firestore and hardcoded AES keys for data exfiltration to North Korean-controlled servers. Google's Play Protect was able to detect and warn users of the malware, which has since been removed from the app stores. Despite the low number of downloads, the campaign is believed to have specifically targeted individuals in South Korea. The spyware campaign has been active since March 2022, with the latest sample found in March 2024, although the command and control servers are currently inactive.

- Total News Sources
- 1
- Left
- 1
- Center
- 0
- Right
- 0
- Unrated
- 0
- Last Updated
- 14 days ago
- Bias Distribution
- 100% Left
Negative
22Serious
Neutral
Optimistic
Positive
Related Topics
Stay in the know
Get the latest news, exclusive insights, and curated content delivered straight to your inbox.

Gift Subscriptions
The perfect gift for understanding
news from all angles.