Cyber-security firm Lookout has discovered a new hacking campaign that is currently operating out of Beirut under the leadership of the Lebanese General Directorate of General Security.
The Android malware used in this campaign is especially dangerous because it gives hackers access to the most private information stored on the affected device. Personal details such as text messages, call logs, bank account details and passwords can easily be obtained this way. The malware has apparently spread to 21 countries already.
“The hacking group, nicknamed Dark Caracal by Lookout, uses custom Android malware included in fake versions of secure messaging apps like Signal and WhatsApp to steal text messages – including two-factor authentication codes – and other data from target’s mobile devices,” reports Gizmodo.
The malware also allows individuals to activate a device’s front and rear cameras as well as its microphones without the owner’s consent. The malware is based on FinFisher software, a surveillance tool marketed to law enforcement and government agencies, which makes its disguise much more difficult to figure out. “Dark Caracal has successfully run numerous campaigns in parallel and we know that the data we have observed is only a small fraction of the total activity,” Lookout said in their report.
The researchers claimed that the malicious activity was traced to the official building of the GDGS, which is one of Lebanon’s intelligence agencies. For those who aren’t aware, this organization essentially tracked down devices to test malware. “Based on the available evidence, it is likely that the GDGS is associated with or directly supporting the actors behind Dark Caracal,” the researchers said. Individuals across many different regions, including China, the United States of America, India, and Russia, are affected by this malware. No effort has been made so far to curb the spread of this problem.