September 20, 2023
Lookout identified and analyzed an Android application sample of Deblind — a component of the Infamous Chisel Android surveillance tooling.
July 19, 2023
Lookout researchers discover advanced Android surveillanceware tied to Chinese espionage group APT41 known to target a wide range of public and private sector organizations.
April 27, 2023
Researchers at the Lookout Threat Lab have discovered a new Android surveillance tied to the Law Enforcement Command of the Islamic Republic of Iran (FARAJA).
Researchers from Lookout have uncovered two new surveillance campaigns, BadBazaar and MOONSHINE, targeting Uyghurs in the People’s Republic of China and abroad.
The Lookout Threat Intel team's recent discovery of Hermit, a mobile surveillanceware tool, shows how mobile surveillanceware could adversely affect enterprise organizations
Lookout researchers have uncovered enterprise-grade Android surveillanceware used by the government of Kazakhstan within its borders.
This one-page threat guidance provides insight into the newly-discovered Predator spyware, which was discovered alongside Pegasus on two Egyptians' phones.
A data leak of more than 50,000 phone numbers revealed a list of identified persons of interest by clients of NSO, developers of the Pegasus malware, since 2016.
Novel Android surveillanceware developed by pro-India APT group Confucius targeting Pakistani officials
The Lookout Threat Intelligence team has discovered two novel Android surveillanceware – Hornbill and SunBird.
A blackmail and sextortion campaign targeting individual users on both iOS and Android
The Lookout Threat Intelligence team has discovered a new mobile app threat targeting iOS and Android users in Chinese speaking countries, Korea and Japan.
The Lookout Threat Intelligence team discovered four Android surveillanceware tools used to target the Uyghur ethnic minority group.
The Lookout Threat Intelligence team has discovered four Android surveillanceware tools used as part of a much larger mAPT (mobile advanced persistent threat).
Lookout researchers have uncovered a long-running surveillance campaign tied to Syrian nation-state actors.
LightSpy was the malware behind the Poisoned News watering hole campaign on iOS.
In April 2020, Lookout released findings on a long-running surveillanceware campaign with ties to Syrian nation-state actors.
Are cybercriminals and scammer's taking advantage of increased communication around COVID-19? Discovery shows new surveillanceware exploits the pandemic.
ToTok is a very popular chat app used in the Middle East that was discovered to be spying on all its users despite not having any nefarious permissions built into the app.
AzSpy appeared to be part of a commercial Android spy platform, known as FullSpy, with a user login page to monitor infected devices.
ArmaSpy was a surveillance family, which appears to have been targeting Iranian users since late 2016 with new samples discovered as recently as mid-2019
Monokle is an advanced and highly-targeted surveillanceware developed by Russian firm STC. It has a number of unique capabilities for stealing data from Android devices
Monokle is a new and sophisticated set of custom Android surveillanceware tools developed by the Russia-based company, Special Technology Centre, Ltd.
eSurvAgent is a sophisticated Android surveillanceware agent.
Lookout Security Intelligence has discovered Android and iOS surveillanceware tools targeting govt. officials, diplomats, military personnel, and activists.
Lookout researchers have identified a new, highly targeted surveillanceware family known as Desert Scorpion in the Google Play Store.
Lookout has discovered new variants of the SpyWaller surveillanceware with advanced espionage capabilities.
Learn about Titan, a family of sophisticated Android surveillanceware apps surfaced by Lookout's automated analysis that is linked to the same actors behind Tropic Trooper.
Lookout researchers are monitoring the evolution of an Android surveillanceware family known as JadeRAT, we believe may be connected to a government sponsored APT group.
Lookout researchers have discovered a new mobile surveillanceware family, FrozenCell. The threat is likely targeting employees of various Palestinian agencies and facilities.
Lookout have identified a mobile trojan called xRAT with extensive data collection functionality and the ability to remotely run a suicide function to avoid detection.
The Lookout Security Intelligence team has discovered an advertising software development kit (SDK) called Igexin that had the capability of spying on victims.
Lookout Security Intelligence researchers discovered the spyware in Google Play and connected it to a known malicious actor potentially operating out of Iraq.
Lookout researchers have identified over a thousand spyware apps related to a threat actor likely based in Iraq. Discover more with Lookout today.
Lookout and Google are releasing research into the Android version of one of the most sophisticated and targeted mobile attacks we’ve seen in the wild: Pegasus.
Using data collected from the Lookout global sensor network, the Lookout research team was able to gain unique visibility into the ViperRAT malware.
Pegasus is a highly sophisticated piece of spyware that uses three previously unknown vulnerabilities called “Trident.” This is the most sophisticated mobile attack seen.
Lookout researchers have been tracking Android and iOS surveillanceware, that can exfiltrate contacts, recordings, photos, & more. Discover what was found.
How did one of the most widely-used, South Korean government-approved "monitoring software" solutions actually leave children's data wide open? Learn more.