Hackers who are believed to be working on behalf of the Lebanese General Security Directorate (GDGS) in Beirut launched a massive cyber espionage campaign on targets in Thailand and 21 other countries, it has been revealed.
According to a new report by the Electronic Frontier Foundation, the group named Dark Caracal, carried out numerous attacks on the Android smartphones of high ranking military personnel, lawyers, journalists, medical professionals and activists.
The attacks, which were carried out on individuals in Asia, Europe, the Middle East and North America resulted in the theft of hundreds of gigabytes of data, that included photos, messages, call records, contact details, audio recordings and more.
According to Lookout Security, which produced the report along with the EFF, the attacks were carried out using a custom made form of spyware called Pallas, which security researchers discovered in 2017.
The malware was hidden inside fake versions of WhatsApp, Telegram and other messaging apps which were downloaded from third party app stores.
“This is a very large, global campaign, focused on mobile devices. Mobile is the future of spying, because phones are full of so much data about a person’s day-to-day life,” Eva Galperin, EFF director of Cybersecurity said in a statement.
Meanwhile, The Register reports that Dark Caracal may have been selling its spyware to governments around the world and various other clients.
“Dark Caracal is part of a trend we’ve seen mounting over the past year whereby traditional APT actors are moving toward using mobile as a primary target platform,” said Lookout’s Mike Murray.
“The Android threat we identified, as used by Dark Caracal, is one of the first globally active mobile APTs we have spoken publicly about.”
“One of the interesting things about this ongoing attack is that it doesn’t require a sophisticated or expensive exploit. Instead, all Dark Caracal needed was application permissions that users themselves granted when they downloaded the apps, not realising that they contained malware,” Cooper Quintin from EFF added.
“This research shows it’s not difficult to create a strategy allowing people and governments to spy on targets around the world.”
The EFF’s full report can be read here [PDF]