Tempting Cedar Spyware
Description
(ZDNet) A hacking campaign used fake Facebook profiles to trick targets into downloading malware capable of stealing vast swathes of information, including messages, photos, audio recordings and even the exact location of victims.
The group has been operating since as early as 2015 and is thought to have infected the Android phones of hundreds selected targets across the Middle East. The the highest concentration of infections is in Israel, but victims have also been seen in the US, China, Germany and France.
Uncovered by researchers at Avast, the operation has been dubbed ‘Tempting Cedar Spyware’. The name combines the main means of attack - by tricking victims using fake social media profiles purporting to be those of a young woman - with the Cedar tree, which features prominently on the flag of Lebanon.
The campaign for distributing the malware begins with fake Facebook profiles which are designed to lure in victims - predominantly men - with ‘flirty’ conversations.
Names
| Name | Name-Giver |
|---|---|
| Tempting Cedar Spyware | Avast |
Country
Motivation
- Information theft and espionage
First Seen
2015
Observed Countries
Tools
Information
- https://www.zdnet.com/article/hacking-group-uses-facebook-lures-to-trick-victims-into-downloading-android-spyware/
- https://blog.avast.com/avast-tracks-down-tempting-cedar-spyware
Other Information
Uuid
043904a1-321c-421b-86e6-1a8c7b638cbf
Last Card Change
2020-04-19