Farseer malware brings Windows exploits to attack group’s Android arsenal

From zdnet.com

A new brand of malware has been developed to give a threat group the tools required to attack Windows operating systems alongside their usual Android targets.

On Tuesday, cybersecurity researchers from Palo Alto’s Unit 42 said the malware, dubbed Farseer, has connections to HenBox, a cyberespionage malware detected in 2018 in attacks against Google’s Android operating system.

HenBox is found lurking in malicious Android apps including Virtual Private Network (VPN) services and system programs. 

HenBox primarily targets the Turkish Uyghur group in order to steal data including personal and device information, including any phone numbers with a Chinese prefix. The malware is also able to compromise smartphone cameras and microphones.

This malicious software has been used in political, targeted attacks and the threat group connected to HenBox have used other malware dating back to 2015 including PlugX, Zupdax, 9002, and Poison Ivy.

Read more…