Alert: New NoviSpy Android Spyware Exploits Qualcomm Zero-Day Vulnerabilities.


In a recent revelation, Amnesty International’s Security Lab uncovered a new Android spyware named NoviSpy, which has been linked to Qualcomm zero-day vulnerabilities. This spyware was reportedly used by Serbian authorities to target activists, journalists, and protestors.

Discovery and Exploitation

The discovery came to light when an independent journalist, Slaviša Milanov, noticed unusual behavior on his phone after it was returned to him by the police. Amnesty International’s analysis revealed that NoviSpy was installed on his device while it was in police custody. The spyware exploited a zero-day vulnerability in Qualcomm’s DSP (Digital Signal Processor) driver, identified as CVE-2024-43047.

Method of Attack

The attackers used Cellebrite forensic extraction tools to unlock the devices and install NoviSpy. This spyware allows operators to capture sensitive data, switch on the device’s camera and microphone remotely, and communicate with servers tied to the Serbian Security Information Agency (BIA).

Impact and Targets

NoviSpy has been linked to numerous Android devices using Qualcomm chipsets, affecting millions of users worldwide. The targets include journalists, human rights activists, and government dissidents. The spyware was found on dozens, if not hundreds, of devices in Serbia over the past few years.

Response and Fixes

Google’s Threat Analysis Group (TAG) and Amnesty International worked together to uncover the flaws in Qualcomm’s DSP driver. Google released a fix for Android in November 2024, addressing the exploited vulnerability. The affected individuals were alerted to the government-backed attack, and the spyware was removed from their devices.

Conclusion

The NoviSpy spyware campaign highlights the ongoing threats posed by zero-day vulnerabilities and the importance of timely security updates. The collaboration between security researchers and tech companies is crucial in mitigating such risks and protecting users from sophisticated cyber attacks.

This detailed account underscores the need for vigilance and proactive measures to safeguard against emerging threats in the digital age.

