Start your day with intelligence. Get The OODA Daily Pulse.

Home > Briefs > Cyber > Iranian APT Targets Android Users With New Variants of DCHSpy Spyware

Iranian APT Targets Android Users With New Variants of DCHSpy Spyware

MuddyWater deploys DCHSpy Android spyware amid conflict.

MuddyWater unleashed four new spyware variants one week into the Israel-Iran conflict, hiding them as VPN apps: EarthVPN, Comodo VPN, Hide VPN, and Hazrat Eshq. The organization also promoted them via Telegram channels to English and Farsi speakers. The modular malware harvests accounts, contacts, SMS, call logs, WhatsApp data, location, files, and can record audio/photos, then compresses, encrypts, and exfiltrates the data to an SFTP server.

Read more:

https://www.securityweek.com/new-variants-of-dchspy-spyware-used-by-iranian-apt-to-target-android-users/

Tagged: Android Iran Spyware