Cyble Research and Intelligence Labs (CRIL) has identified a stealthy Android spyware campaign specifically targeting individuals in South Korea. Active since June 2024, this malware exploits an Amazon AWS S3 bucket as its Command and Control (C&C) server, facilitating the exfiltration of sensitive personal data, including SMS messages, contacts, images, and videos.
First seen on thecyberexpress.com
Jump to article: thecyberexpress.com/android-spyware-campaign/