Amnesty International’s fake Pegasus scanner infects Windows devices



The malware appears and acts as part of a legitimate antivirus solution designed specifically to scan and remove the Pegasus trace system.

The Sarwent-based attacks have been going on since at least the beginning of the year and have targeted a variety of victim profiles in many countries.

The lure used in previous campaigns is not clear at this time, but researchers at Cisco Talos they found recently a new one attack where Sarwent was delivered through a fake Amnesty International website, which advertises Anti-Pegasus AV.

Read more…