LianSpy: new Android spyware targeting Russian users
Aug. 6, 2024, 10:05 a.m.
Tags
External References
Description
Kaspersky discovered an Android spyware campaign called LianSpy that targets Russian users. The malware can capture screencasts, exfiltrate files, and harvest call logs and app lists. It employs evasive tactics like using the Russian cloud service Yandex Disk for command and control communication, avoiding dedicated infrastructure, and utilizing robust encryption. Some features suggest LianSpy is likely deployed through an unknown vulnerability or physical device access.
Date
Published: Aug. 6, 2024, 10:03 a.m.
Created: Aug. 6, 2024, 10:03 a.m.
Modified: Aug. 6, 2024, 10:05 a.m.
Attack Patterns
LianSpy
T1519
T1534
T1064
T1557
T1489
T1518
T1498
T1027
T1553
Additional Informations
Russian Federation