WyrmSpy and DragonEgg: Lookout Attributes Android Spyware to China’s APT41 | Threat Intelligence
WyrmSpy and DragonEgg: Lookout Attributes Android Spyware to China’s APT41 | Threat Intelligence
www.lookout.com WyrmSpy and DragonEgg: Lookout Attributes Android Spyware to China’s APT41 | Threat Intelligence
Lookout researchers discover advanced Android surveillanceware tied to Chinese espionage group APT41 known to target a wide range of public and private sector organizations.
![WyrmSpy and DragonEgg: Lookout Attributes Android Spyware to China’s APT41 | Threat Intelligence](https://lemdro.id/pictrs/image/e6095a29-d37f-4c2b-8cba-9bf1c561159e.jpeg?format=webp&thumbnail=256)
Summary
- Lookout attributes WyrmSpy and DragonEgg to infamous Chinese espionage group APT41, which has not slowed down since recent indictments by the U.S. government.
- APT41 is known to target a wide range of public and private sector organizations, including nation-state governments, software development companies, computer hardware manufacturers, telecommunications providers, social media companies, and video game companies.
- An established threat actor like APT41 turning their focus to mobile devices shows that mobile endpoints are high-value targets with coveted data.
- WyrmSpy and DragonEgg use modules to hide their malicious intentions and avoid detection.
- WyrmSpy and DragonEgg were first reported to Lookout Threat Intelligence Services subscribers in October 2020 and January 2021 respectively in full write-ups that included IOCs, YARA rules, and additional threat analysis.
0
comments