The development and deployment of two new Android spyware families, BoneSpy and PlainGnome, has been attributed to the Russian-aligned Gamaredon APT group. BoneSpy has been active since 2021, while PlainGnome appeared in 2024. Both are surveillance tools used against targets in former Soviet states, with a focus on Russian-speaking victims. These sophisticated malware families collect sensitive data, including SMS messages, call logs, device location, and contact lists. PlainGnome acts as a dropper for the surveillance payload, while BoneSpy is deployed as a standalone application.
A new mobile surveillance tool named ‘EagleMsgSpy’ has been discovered; it is used by Chinese law enforcement to gather data from Android devices. The tool, operational since 2017, collects a range of sensitive data, including chat messages, screen recordings, audio, call logs, contacts, SMS, location, and network activity. The collected data is sent to a command-and-control server, raising concerns about privacy and potential misuse.