Government Sponsored Mobile Hacking Scheme Discovered

Dark Caracal phone hackDark Caracal

A mistaken server data leak has by accident revealed a large scale government sponsored hacking attack.  Dubbed Dark Caracal it’s unique in that it is likely government sponsored hacking that is targeting mobile devices.  After some files were leaked to the internet, researchers were able to trace group back to the Lebanon.  The building traced back to is owned by the General Directorate of General Security (GDGS), which is a Lebanese intelligence agency.  The building along with the apparent targets of the hacking scheme lead most to the general conclusion that it is a government sponsored hacking.

How did it spread?

For the most part Dark Caracal spread mostly by social engineering.  Legitimate apps would be used to direct people to a hacker controlled website.  Once there users would be asked to download infected updates of an app.  Infected apps would ask for permissions, and once given gave the hackers all the access they needed.  There is also some speculation that it was also spread by physical access to the target device.

What did they take?

The hackers appeared to be after any data they could gather.  Documents, contacts, text messages, photos, location data, and more were all accessed and taken by the hacking group.  One of the servers that was leaked to the internet and caused the discovery of Dark Caracal contained nearly fifty gigabytes of data from five hundred phones.

What can you do?

When using a mobile device, ensure that all downloads are from a legitimate source.  When it comes to app this is always the respective store to your device whether it be Google Play, or the ITunes store. It’s still impossible to remain one hundred percent free from attack, but with Protocol 46 firewalls and Protocol 46 persistent threat monitoring you can stay keep your systems protected.  Check back for the latest news from Protocol 46 on Dark Caracal

Post by chromite