classic | mobile
Follow us on:
Follow us on Facebook  Share via Twitter  Share via LinkedIn
 

Search...
Hi-Tech Security Solutions Business Directory
Residential Estate Security Handbook 2017


Powerful Android surveillance software
February 2018, This Week's Editor's Pick, News

Kaspersky Lab researchers have uncovered an advanced mobile implant, active since 2014 and designed for targeted cyber-surveillance, possibly as an ‘offensive security’ product. The implant, named Skygofree includes functionality never seen in the wild before, such as location-based audio recording through infected devices. The spyware is spread through web pages, mimicking leading mobile network operators.

Skygofree is sophisticated, multi-stage spyware that gives attackers full remote control of an infected device. It has undergone continuous development since the first version was created at the end of 2014 and it now includes the ability to eavesdrop on surrounding conversations and noise when an infected device enters a specified location – a feature that has not previously been seen in the wild. Other advanced, unseen features include using Accessibility Services to steal WhatsApp messages and the ability to connect an infected device to Wi-Fi networks controlled by the attackers.

The implant carries multiple exploits for root access and is also capable of taking pictures and videos, seizing call records, SMSs, geolocation, calendar events and business-related information stored in the device’s memory. A special feature enables it to circumvent a battery-saving technique implemented by a top device vendor: the implant adds itself to the list of ‘protected apps’ so that it is not switched off automatically when the screen is off.

The attackers also appear to have an interest in Windows users, and researchers found a number of recently developed modules targeting this platform.

Most of the spoofed landing pages used for spreading the implant were registered in 2015, when according to Kaspersky Lab telemetry the distribution campaign was at its most active. The campaign is ongoing and the most recent domain was registered in October 2017. The data shows there have been several victims to date, all in Italy.

“High end mobile malware is very difficult to identify and block, and the developers behind Skygofree have clearly used this to their advantage: creating and evolving an implant that can spy extensively on targets without arousing suspicion. Given the artefacts we discovered in the malware code and our analysis of the infrastructure, we have a high level of confidence that the developer behind the Skygofree implants is an Italian IT company that offers surveillance solutions, rather like HackingTeam”, said Alexey Firsh, malware analyst, targeted attacks research, Kaspersky Lab.

The researchers found 48 different commands that can be implemented by attackers, allowing for maximum flexibility of use.

Further information, including a list of Skygofree’s commands, indicators of compromise, domain addresses and the device models targeted by the implant’s exploit modules can be found on securelist.com


  Share via Twitter   Share via LinkedIn      

Further reading:

  • Anticipated trends in CCTV for 2018
    February 2018, Leaderware, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring
    One of the trends for 2018 in South Africa is questioning by top management of the value of CCTV systems.
  • What lies ahead in 2018?
    February 2018, Axis Communications SA, Cathexis Technologies, Forbatt SA, Milestone Systems, neaMetrics, Suprema, ZKTeco, G4S South Africa, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring, Access Control & Identity Management, Cyber Security, Integrated Solutions
    To find out what the physical security industry is expecting in 2018, Hi-Tech Security Solutions asked a few of the leading players what they expect in 2018 in South and southern Africa.
  • Cybersecurity trends 2018
    February 2018, Technews Publishing, This Week's Editor's Pick, Cyber Security
    Cybersecurity will remain a key issue for everyone in every industry this year. Here’s what some experts on the topic have to say.
  • Let me out of here
    February 2018, Technews Publishing, This Week's Editor's Pick, Fire & Safety
    Hi-Tech Security Solutions looks at designing a system that addresses the safe exit of people from a burning building.
  • Campus security must not fall
    February 2018, CAMPROSA (Campus Protection Society of Southern Af, This Week's Editor's Pick, Integrated Solutions, Conferences & Events, Associations
    The Campus Protection Society of Southern Africa (Camprosa) held its annual conference in the second half of 2017 at the Kwa Maritane Bush Lodge in the Pilanesburg Game Reserve.
  • TAPA SA conference 2017
    February 2018, This Week's Editor's Pick, Asset Management, EAS, RFID, Integrated Solutions, Security Services & Risk Management
    TAPA held its South African conference at Emperor’s Palace late last year. Hi-Tech Security Solutions was there to cover the event.
  • Decrypting encryption
    February 2018, Technews Publishing, This Week's Editor's Pick, Cyber Security, Integrated Solutions
    Encryption is undoubtedly useful, but has it advanced to the stage where it is also easily usable in business and consumer settings?
  • Tomorrow’s surveillance – today’s reality
    February 2018, Technews Publishing, Leaderware, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring, Cyber Security, News, Integrated Solutions
    The Crowne Plaza in Rosebank, Johannesburg, was the setting for the 2017 iLegal conference, a joint venture between Dr Craig Donald and Hi-Tech Security Solutions.
  • Home and neighbourhood security
    February 2018, This Week's Editor's Pick, Perimeter Security, Alarms & Intruder Detection, Products
    The Fynoti home alarm system is a standalone, wireless device that users can place unobtrusively in their homes. It is ideal for a shelf or small table, for example.
  • The Moon at home
    February 2018, This Week's Editor's Pick, Integrated Solutions, IT infrastructure, Products
    World’s first all-in-one smart hub with levitation technology camera to enter into production after a successful crowdfunding campaign.
  • Automated forest fire monitoring
    February 2018, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring, Fire & Safety, Products
    Firehawk offers an automated lookout service for forest fires, allowing responders to be on the scene in the shortest time possible.
  • Product-specific training is ­essential
    February 2018, Johnson Controls, This Week's Editor's Pick, Education (Industry)
    Generic training is widely available but of limited value to end-users who need to extract the most value from their security products.

 
 
         
Contact:
Technews Publishing (Pty) Ltd
1st Floor, Stabilitas House
265 Kent Ave, Randburg, 2194
South Africa
Publications by Technews
Dataweek Electronics & Communications Technology
Electronic Buyers Guide (EBG)

Hi-Tech Security Solutions
Hi-Tech Security Business Directory (HSBD)

Motion Control in Southern Africa
Motion Control Buyers’ Guide (MCBG)

South African Instrumentation & Control
South African Instrumentation & Control Buyers’ Guide (IBG)
Other
Terms & conditions of use, including privacy policy
PAIA Manual
         
    Mobile | Classic

Copyright © Technews Publishing (Pty) Ltd. All rights reserved.