Experts On Android And iOS Users Blackmailed by ‘Goontact’ Spyware

Security researchers have discovered a new variant of spyware that’s targeting iOS and Android users as part of an international sextortion scam. According to a blog post by researchers at cyber security firm Lookout, the spyware, called Goontact, has been found in multiple Asian countries and targets users of illicit sites and steals personal information stored on their mobile devices. Researchers said the types of sites used to distribute these malicious apps and the information exfiltrated suggests that the ultimate goal is extortion or blackmail. The spyware often disguises itself as secure messaging applications and can exfiltrate a wide range of data, such as device identifiers and phone number, contacts, SMS messages, photos on external storage, and location information. While it is not presently known who is behind Goontact, it is the newest addition to a crime affiliate’s arsenal, rather than nation-state actors, said, researchers.

Full story here: https://blog.lookout.com/lookout-discovers-new-spyware-goontact-used-by-sextortionists-for-blackmail

Experts Comments

December 19, 2020
Jelle Wieringa
Technical Evangelist
KnowBe4
Mobile users have long proven to be highly vulnerable to social engineering scams. With so many alluring apps offering free and fun functionality, many users will be tempted to install them and try them out. Often times, they do this without realizing that not all creators of such apps have honest and good intentions. Given that apps are so easy to install and use, and that it's often unclear what permissions users accept when installing these apps, it is no surprise that malware like this is.....Read More
Mobile users have long proven to be highly vulnerable to social engineering scams. With so many alluring apps offering free and fun functionality, many users will be tempted to install them and try them out. Often times, they do this without realizing that not all creators of such apps have honest and good intentions. Given that apps are so easy to install and use, and that it's often unclear what permissions users accept when installing these apps, it is no surprise that malware like this is so widespread. And although it appears to focus on Chinese-speaking countries for now, I have no doubt that it will spread across the globe quickly. Incidents like these only prove that we need to pay more attention to educating the end user to recognize this sort of scam. 'Think before you click' applies to every aspect of our digital lives. Whether it be phishing emails, what websites you visit or what applications you install on your phone.  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.