Arid Viper’s Sneaky Spyware: How Trojanized Apps are Targeting Middle East Devices

Arid Viper has launched a mobile espionage campaign using trojanized Android apps to spread the spyware AridSpy. Five campaigns since 2022 have targeted users in Palestine and Egypt. The malware pretends to be secure messaging and job opportunity apps, harvesting data and snapping photos when victims unlock their phones.

3P
Published: June 13, 2024 2:21 pmAdded: June 13, 2024 at 7:31 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Arid Viper is out here playing the spyware Olympics, and it looks like they’re gunning for gold with their new multi-stage trojan! Who knew cyber espionage could be this ambitious?

Key Points:

  • Arid Viper’s mobile espionage campaign uses trojanized Android apps to distribute AridSpy.
  • The malware is spread through fake websites mimicking messaging and job opportunity apps.
  • Three out of five campaigns are still active, targeting mainly Palestine and Egypt.
  • AridSpy can download additional payloads from a command-and-control (C2) server.
  • The malware takes sneaky selfies if the victim’s phone battery is above 15% and it’s been more than 40 minutes since the last photo.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?