Two spyware campaigns, ProSpy and ToSpy, tricked UAE users into installing malware disguised as Signal and ToTok updates via fake websites.
ESET discovered two Android spyware campaigns, ProSpy and ToSpy, targeting UAE users by posing as Signal and ToTok updates.
Distributed via fake websites mimicking official services, including a Samsung Galaxy Store clone, the malware required manual installation from unofficial sources and collected sensitive data like messages, contacts, and files.
ProSpy, active since at least 2024, used .ae.net domains, while ToSpy, active since mid-2022, exploited ToTok’s popularity.
Neither app appeared in official app stores.
Researchers urge users to avoid unknown sources and disable sideloading to reduce risk.