New SandStrike spyware infects Android devices via malicious VPN app


Threat actors are targeting Android users with SandStrike, a recently identified spyware that is distributed through a rogue VPN application. They disseminate it by sending potential victims to a Telegram channel where they may find links to download and set up the booby-trapped VPN using social media accounts.

They concentrate on Bahá’s who speak Persian and practise their religion, which originated in Iran and other regions of the Middle East. The rogue VPN app is being promoted by the attackers as an easy way to get around geographic restrictions on the dissemination of religious content. Read More…