Kaspersky provides an inventory of its latest discoveries in terms of cyber threats, among which is a VPN that does not wish you well.
As it stands, the spyware intentionally targets followers of Baha’i.
A VPN that appears falsely attractive…
Kaspersky has unveiled an unnamed VPN app available on Android that contains a virus designed to collect information about the devices it is installed on. According to Kaspersky, this VPN seems functional but hides the SandStrike spyware. The latter makes it possible to discreetly steal various personal data such as the call log or the contact list.
This malicious campaign is far from random and actively targets the Baha’i religious community. Founded in what would be present-day Iran in the mid-19e century, this current claiming to be Abrahamic and monotheistic has mainly spread in several countries of the Middle East as well as in India and finds its current headquarters in Israel. However, in Iran in particular, Baha’ism is not recognized in the same way as other religious minorities and is the subject of regular hostile campaigns on the part of the regime in place since 1979.
If there is nothing in the state to identify the author of this campaign, everything is done to make this VPN very attractive, especially through Facebook and Instagram. It includes profiles with more than 1,000 subscribers and attractive graphic designs for the Baha’i community.
Diffusion also facilitated through Telegram
The prospect of taking advantage of a VPN supposed to allow these believers to access content banned in certain regions then commits them to clicking on a link contained in the bios of the Facebook and Instagram accounts in question. They are thus redirected to a Telegram channel, also created by the attacker, then to the link allowing them to download the VPN application (and the spyware at the same time).
The number of victims potentially spied on by SandStrike is not known. In fact, this campaign is among others in a surge of malicious activity noted in the third quarter of 2022 in the Middle East, according to the report posted by Kaspersky.
Sources: Kaspersky, Bleeping Computer
How to choose the best VPN? Clubic has tested and compared the performance and level of security of the best providers to establish this VPN comparison
Read more
5