LightSpy Spyware Evolves to Add New Plugins for Data Exfiltration

LightSpy, a malware program used in a 2020 watering hole attack against iOS users, was discovered to contain a group of 14 plugins that are in charge of stealing personal information. Researchers have linked the virus to the Chinese state-sponsored APT41 gang, which in the past had targeted Android users with the spyware programs WyrmSpy and DragonEgg.

ThreatFabric demonstrates that LightSpy comprises a Core implant in addition to 14 plugins, which is in charge of organizing the critical operations for the entire attack chain. Gathering device fingerprints, establishing a complete connection with the C2 server, and obtaining commands from the server are among the Core’s primary functions.

LightSpy Spyware Evolves to Add New Plugins for Data Exfiltration

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address

LightSpy Spyware Evolves to Add New Plugins for Data Exfiltration

04-Oct-23

Solutions

Services

Services

Knowledge

Solutions

Industries

Contact

Invinsense

About

INDIA | Ahmedabad

SRI LANKA

KUWAIT

USA | New York

UNITED KINGDOM | London

Address