Lookout and the Electronic Frontier Foundation have released a report on a widespread attack on Android.
The group behind the attack is called Dark Caracal and is “a prolific actor with nation-state level advanced capabilities”.
According to the report, this is one of the first documented mobile advanced persistent threat actors known to execute espionage on a global scale.
The hacking group is reportedly operating from a Lebanese General Security Directorate building in Beirut.
“At present, we have knowledge of hundreds of gigabytes of exfiltrated data, in 21+ countries, across thousands of victims,” stated the report.
Lookout and the EFF released the details of over 90 indicators of compromise spanning Android malware, desktop malware across Windows, Mac, and Linux, and 60 domains or IPs.
The full report is available from Lookout.