Skip to main content

How sloppy OPSEC gave researchers an inside look at the exploit industry

posted onJanuary 21, 2019
by l33tdawg
Cyber Scoop
Credit: Cyber Scoop

The companies that make advanced surveillance software are quiet by design. They generate enough press to let the market (i.e., governments) know their products exist, but it’s not as if there’s an app store for mobile spyware.

They do make mistakes, though. And thanks to two researchers from Lookout, the public now has more information on how these companies operate.

In the course of investigating a new kind of Android-focused mobile malware, Lookout’s Andrew Blaich and Michael Flossman uncovered text conversations among members of a nation-state’s surveillance program. Those files, which were stored on a server that was part of the malware’s command-and-control infrastructure, represented a trove of insight about how much money the particular government budgeted for its program, whether its spies decided to buy exploits or build their own, and why it’s easier than ever for countries to leverage surveillance technology.

Source

Tags

Security

You May Also Like

Recent News

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th