MuddyWater deploys DCHSpy Android spyware amid conflict.

MuddyWater unleashed four new spyware variants one week into the Israel-Iran conflict, hiding them as VPN apps: EarthVPN, Comodo VPN, Hide VPN, and Hazrat Eshq. The organization also promoted them via Telegram channels to English and Farsi speakers. The modular malware harvests accounts, contacts, SMS, call logs, WhatsApp data, location, files, and can record audio/photos, then compresses, encrypts, and exfiltrates the data to an SFTP server.

Read more:

https://www.securityweek.com/new-variants-of-dchspy-spyware-used-by-iranian-apt-to-target-android-users/