Main Points:
– Gilgit-Baltistan website readers potentially targeted by watering hole attack.
– Campaign discovered by cyber security firm ESET, involving the delivery of the previously undisclosed Kamran Android spyware.
– Infested site: Hunza News (urdu.hunzanews[.]net), on mobile devices prompts users to install its app.
– Predominantly Urdu readers targeted.
An unexpected visitor came to drink at the cyber pond, and it’s not making a quiet splash. Readers of one regional news website for the Gilgit-Baltistan region might be the target of a watering hole attack. But don’t worry, no actual water is involved unless you count the cold sweat you may break out into upon hearing the news!
The campaign was discovered by the cyber-magnifying glass (AKA security firm ESET), which lifted the cloak of invisibility off a previously uncharted Android spyware dubbed Kamran. Now, we’re not talking about your friendly neighborhood Kamran who helps you set up your router. This Kamran is more interested in installing itself and giving its inventors some quality voyeur time with your data.
The culprit at the heart of this cyber-tale is the unsuspecting urdu.hunzanews[.]net. Innocently opened on a mobile device, the site whispers to its Urdu visitors to install the app. Who knew your love for the Urdu news could place you right in the crosshairs of a spyware attack?
With this uninvited guest, your language preference could spell out trouble! Primarily Urdu readers are the protégé patrons of this watering hole, tying them in as potential targets for this campaign. Syntax hazards don’t usually involve code, but in this case, they just might!
Put simply, a tricky spyware called Kamran has trespassed onto the tech scene, targeting Urdu readers frequenting the Gilgit-Baltistan region’s news website. This crafty bug, discovered by ESET, uses the website Hunza News to tempt mobile users to install an application, camouflaging it as a simple news app. So next time you’re surfing the net, beware the hidden pests lurking in your digital pond.
Original Article: https://thehackernews.com/2023/11/stealthy-kamran-spyware-targeting-urdu.html
No products in the cart.