In general, DazzleSpy can result in severe privacy issues, financial losses, and identity theft-it does not only steal files but also locate, inspect, and modify them.Īmong the most at-risk information are IP address, Wi-Fi SSID or Service Set Identifier, device Universally Unique Identifier (UUID), Mac serial number, disk data and size, operating system version, account username, and alarmingly, sensitive data. ![]() The exploit poses serious risks because when launching executable files, it bypasses user permission requests. Meanwhile, PC Risk determined that DazzleSpy infects systems using a sophisticated exploit that takes advantage of a flaw in Safari browsers installed on Mac (potentially those on iOS running products as well). (Photo : ISSOUF SANOGO/AFP via Getty Images) How DazzleSpy worksĭazzleSpy is described as malware similar to LightSpy in 2020, which is a modular backdoor that allows an attacker to remotely execute commands on an infected device and generally cause havoc on the victim's phone. ![]() Read also: Mac Trojan Malware Can Hack Your Apple Device, Run Ads and Steal Info: 8 Ways to Prevent, Remove WizardUpdate What is more interesting about this is that ESET researchers said the attack appears to have come from "a well-resourced group, likely state-backed." The attack was first encountered by some Mac users who visited a fake website that featured democracy movements. ![]() However, ESET researchers said via WeLiveSecurity that they have been investigating the issue a week before the report and now have a fuller understanding of the attacks, including the conclusion that DazzleSpy is being used for geopolitically motivated attacks.ĮSET researchers discovered that a legitimate D100 Radio pro-democracy radio station website was compromised to spread DazzleSpy.Ĭonsidering the digital spaces where the attacks happened, it is clear that the campaign targets freedom of speech advocates, independence, and political activists, particularly in Hong Kong. In November 2021, Google Threat Analysis Group (TAG) issued a report that they have "discovered watering hole attacks targeting visitors to Hong Kong websites for a media outlet and a prominent pro-democracy labor and political group." Researchers at digital security firm ESET have released detailed information about a watering hole attack called "DazzleSpy," a malware that can be used to perform surveillance on a Mac.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |