Android Spyware Alert: Gamaredon’s Sneaky Tools ‘BoneSpy’ and ‘PlainGnome’ Target Users!
Russian cyberspies Gamaredon are using Android spyware BoneSpy and PlainGnome to spy on mobile devices. BoneSpy, active since 2021, is delivered via trojanized apps. PlainGnome, emerging in 2024, features advanced data collection and stealth tactics. Both target Russian-speaking individuals, highlighting Gamaredon’s increased focus on Android devices.
Hot Take:
Looks like Gamaredon has decided to take a bite out of the Android world with its new spyware, BoneSpy and PlainGnome. I guess they figured that if you can’t beat ’em, just bug their phones and hope they don’t notice a gnome running in the background. With tactics this stealthy, maybe Gamaredon should consider a side gig in espionage-themed escape rooms!
Key Points:
- Gamaredon, linked to Russia’s FSB, is using Android spyware BoneSpy and PlainGnome to target Russian-speaking individuals in former Soviet states.
- BoneSpy, active since 2021, evolved from the open-source DroidWatcher app and offers extensive surveillance capabilities.
- PlainGnome, a custom malware, introduces advanced features for stealthy data exfiltration and operates using a two-stage installation process.
- Both spyware families are not found on Google Play, suggesting social engineering tactics for installation.
- Gamaredon’s shift to mobile device targeting signals an expansion of their surveillance operations to Android platforms.
Already a member? Log in here