Read Time:1 Minute, 36 Second

Security researchers recently uncovered a worrying trend in using virtual private networks (VPNs): malicious actors are using them to spread EyeSpy surveillanceware. EyeSpy is a type of malware that can remotely track users’ activities, spy on their data, or even take control of their machines.

EyeSpy surveillanceware is part of a malware campaign that started in May 2022. It utilises “components of SecondEye”. SecondEye is a credible monitoring software, yet the surveillanceware leverages it to spy on users of 20Speed VPN, an Iranian-based VPN service, via trojanised installers,” Bitdefender stated in an analysis.

The said application was supposed to be for parents who want to have parental control and monitoring over their child’s online activity. The cyber incidents mainly happened in Iran, and some were found in Germany and the U.S.

“SecondEye previously came under the radar in August 2022, when Blackpoint Cyber revealed the use of its spyware modules and infrastructure for data and payload storage by unknown threat actors. The initial access mechanism used in these incidents is currently unknown,” said Hacker News.

The researchers are now warning users to be extra vigilant about their VPN usage, as these tainted networks can open up any computer or device connected to them to malicious attacks. It’s also essential for people to use only reputable and reliable VPN providers, as many of the ones found in this investigation were found to be running old and unsupported software.

The recent discovery of EyeSpy surveillanceware spread through VPNs serves as a reminder that cybercriminals are constantly finding new ways to exploit computer networks, and users should take the necessary steps to protect themselves online. 

“EyeSpy has the ability to fully compromise online privacy via keylogging and stealing of sensitive information, such as documents, images, crypto wallets, and passwords. 

 “This can lead to complete account takeovers, identity theft and financial loss,” Bitdefender researcher Janos Gergo Szeles stated.

About Post Author

Christopher Clark

christophermasonclark@gmail.com
Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
0 %
Total
0
Shares
Share 0
Tweet 0
Pin it 0
Share 0
0 0
In, ,
Previous post Ransomware Attacks Knows No Business Size, Clothing Line Brand Owner Lost His Instagram Account
Next post A Malware Formerly Known as Bokbot Compromised an Active Directory Domain in Less Than a Day

More Stories