serisec

Category: spyware

  • ICE Uses Graphite Spyware

    ICE Uses Graphite Spyware ICE has admitted that it uses spyware from the Israeli company Graphite. Bruce Schneier Go to bruce schneier

  • Ireland Proposes Giving Police New Digital Surveillance Powers

    Ireland Proposes Giving Police New Digital Surveillance Powers This is coming: The Irish government is planning to bolster its police’s ability to intercept communications, including encrypted messages, and provide a legal basis for spyware use. Bruce Schneier Go to bruce schneier

  • pcTattletale founder pleads guilty in rare stalkerware prosecution

    pcTattletale founder pleads guilty in rare stalkerware prosecution The founder of a spyware company that encouraged customers to secretly monitor their romantic partners has pleaded guilty to federal charges – marking one of the few successful US prosecutions of a stalkerware operator. Read more in my article on the Hot for Security blog. Graham Cluley…

  • Man jailed for teaching criminals how to use malware

    Man jailed for teaching criminals how to use malware A 49-year-old man has received a five-and-a-half year jail sentence after admitting to creating detailed video tutorials that showed members of a criminal gang how to infect Android phones with spyware and drain their bank accounts. Read more in my article on the Hot for Security…

  • State-backed spyware attacks are targeting Signal and WhatsApp users, CISA warns

    State-backed spyware attacks are targeting Signal and WhatsApp users, CISA warns CISA, the US Cybersecurity and Infrastructure Security Agency, has issued a new warning that cybercriminals and state-backed hacking groups are using spyware to compromise smartphones belonging to users of popular encrypted messaging apps such as Signal, WhatsApp, and Telegram. Read more in my article…

  • Apple’s Bug Bounty Program

    Apple’s Bug Bounty Program Apple is now offering a $2M bounty for a zero-click exploit. According to the Apple website: Today we’re announcing the next major chapter for Apple Security Bounty, featuring the industry’s highest rewards, expanded research categories, and a flag system for researchers to objectively demonstrate vulnerabilities and obtain accelerated awards. We’re doubling…

  • Surveying the Global Spyware Market

    Surveying the Global Spyware Market The Atlantic Council has published its second annual report: “Mythical Beasts: Diving into the depths of the global spyware market.” Too much good detail to summarize, but here are two items: First, the authors found that the number of US-based investors in spyware has notably increased in the past year,…

  • Smashing Security podcast #424: Surveillance, spyware, and self-driving snafus

    Smashing Security podcast #424: Surveillance, spyware, and self-driving snafus A Mexican drug cartel spies on the FBI using traffic cameras and spyware — because “ubiquitous technical surveillance” is no longer just for dystopian thrillers. Graham digs into a chilling new US Justice Department report that shows how surveillance tech was weaponised to deadly effect. Meanwhile,…

  • When hackers become hitmen

    When hackers become hitmen So, you think hacking is just about stealing information, extorting ransoms, or wiping out company data? The truth is, sometimes it’s about killing people too… Graham Cluley Go to grahamcluley

  • Paragon Spyware Used to Spy on European Journalists

    Paragon Spyware Used to Spy on European Journalists Paragon is an Israeli spyware company, increasingly in the news (now that NSO Group seems to be waning). “Graphite” is the name of its product. Citizen Lab caught it spying on multiple European journalists with a zero-click iOS exploit: On April 29, 2025, a select group of…

  • 21 million employee screenshots leaked in bossware breach blunder

    21 million employee screenshots leaked in bossware breach blunder If you thought only your boss was peeking at your work screen, think again. Employee-monitoring tool Work Composer has committed a jaw-dropping blunder, leaving a treasure trove of millions of workplace screenshots openly accessible on the internet with no encryption in place, and no password required.…

  • Report on Paragon Spyware

    Report on Paragon Spyware Citizen Lab has a new report on Paragon’s spyware: Key Findings: Introducing Paragon Solutions. Paragon Solutions was founded in Israel in 2019 and sells spyware called Graphite. The company differentiates itself by claiming it has safeguards to prevent the kinds of spyware abuses that NSO Group and other vendors are notorious…

  • Flaw found in stalkerware apps, exposing millions of people. Here’s how to find out if your phone is being spied upon

    Flaw found in stalkerware apps, exposing millions of people. Here’s how to find out if your phone is being spied upon A serious security vulnerability has been found in popular stalkerware apps, exposing the sensitive personal information and communications of millions of people. Read more in my article on the Hot for Security blog. Graham…

  • Screenshot-Reading Malware

    Screenshot-Reading Malware Kaspersky is reporting on a new type of smartphone malware. The malware in question uses optical character recognition (OCR) to review a device’s photo library, seeking screenshots of recovery phrases for crypto wallets. Based on their assessment, infected Google Play apps have been downloaded more than 242,000 times. Kaspersky says: “This is the…

  • Journalists and Civil Society Members Using WhatsApp Targeted by Paragon Spyware

    Journalists and Civil Society Members Using WhatsApp Targeted by Paragon Spyware This is yet another story of commercial spyware being used against journalists and civil society members. The journalists and other civil society members were being alerted of a possible breach of their devices, with WhatsApp telling the Guardian it had “high confidence” that the…

  • Smashing Security podcast #402: Hackers get hacked, the British Museum IT shutdown, and social media kidnaps

    Smashing Security podcast #402: Hackers get hacked, the British Museum IT shutdown, and social media kidnaps What happens when eager computer enthusiasts unknowingly download a trojanized hacking tool and find themselves on the wrong side of cybersecurity? A former employee’s actions led to chaos and raise urgent questions about the security of cultural treasures. And…

  • Spyware Maker NSO Group Found Liable for Hacking WhatsApp

    Spyware Maker NSO Group Found Liable for Hacking WhatsApp A judge has found that NSO Group, maker of the Pegasus spyware, has violated the US Computer Fraud and Abuse Act by hacking WhatsApp in order to spy on people using it. Jon Penney and I wrote a legal paper on the case. Bruce Schneier Go…

  • Detecting Pegasus Infections

    Detecting Pegasus Infections This tool seems to do a pretty good job. The company’s Mobile Threat Hunting feature uses a combination of malware signature-based detection, heuristics, and machine learning to look for anomalies in iOS and Android device activity or telltale signs of spyware infection. For paying iVerify customers, the tool regularly checks devices for…

  • NSO Group Spies on People on Behalf of Governments

    NSO Group Spies on People on Behalf of Governments The Israeli company NSO Group sells Pegasus spyware to countries around the world (including countries like Saudi Arabia, UAE, India, Mexico, Morocco and Rwanda). We assumed that those countries use the spyware themselves. Now we’ve learned that that’s not true: that NSO Group employees operate the…