LianSpy: new Android spyware targeting Russian users

Tags

External References

• https://securelist.com/
• https://otx.alienvault.com/

Description

Kaspersky discovered an Android spyware campaign called LianSpy that targets Russian users. The malware can capture screencasts, exfiltrate files, and harvest call logs and app lists. It employs evasive tactics like using the Russian cloud service Yandex Disk for command and control communication, avoiding dedicated infrastructure, and utilizing robust encryption. Some features suggest LianSpy is likely deployed through an unknown vulnerability or physical device access.

Date