SYMBOLCOMMON_NAMEaka. SYNONYMS
apk.furball (Back to overview)

FurBall

Actor(s): Domestic Kitten

According to Check Point, they uncovered an operation dubbed "Domestic Kitten", which uses malicious Android applications to steal sensitive personal information from its victims: screenshots, messages, call logs, surrounding voice recordings, and more. This operation managed to remain under the radar for a long time, as the associated files were not attributed to a known malware family and were only detected by a handful of security vendors.

References
2022-10-20Bleeping ComputerBill Toulas
@online{toulas:20221020:hacking:7a1acf5, author = {Bill Toulas}, title = {{Hacking group updates Furball Android spyware to evade detection}}, date = {2022-10-20}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/hacking-group-updates-furball-android-spyware-to-evade-detection/}, language = {English}, urldate = {2022-10-30} } Hacking group updates Furball Android spyware to evade detection
FurBall
2021-02-08CheckpointCheck Point Research
@online{research:20210208:domestic:202aaca, author = {Check Point Research}, title = {{Domestic Kitten – An Inside Look at the Iranian Surveillance Operations}}, date = {2021-02-08}, organization = {Checkpoint}, url = {https://research.checkpoint.com/2021/domestic-kitten-an-inside-look-at-the-iranian-surveillance-operations/}, language = {English}, urldate = {2021-02-09} } Domestic Kitten – An Inside Look at the Iranian Surveillance Operations
FurBall
2019-11-18QianxinRed Raindrop Team
@online{team:20191118:surprised:2930338, author = {Red Raindrop Team}, title = {{Surprised by Julius the Great! Disclosure of Cyrus attacks against Iran}}, date = {2019-11-18}, organization = {Qianxin}, url = {https://ti.qianxin.com/blog/articles/surprised-by-cyrus-the-great-disclosure-against-Iran-cyrus-attack/}, language = {Chinese}, urldate = {2021-02-09} } Surprised by Julius the Great! Disclosure of Cyrus attacks against Iran
FurBall
2019-10-02Virus BulletinAseel Kayal, Lotem Finkelstein
@online{kayal:20191002:domestic:f400298, author = {Aseel Kayal and Lotem Finkelstein}, title = {{Domestic Kitten: an Iranian surveillance program}}, date = {2019-10-02}, organization = {Virus Bulletin}, url = {https://www.virusbulletin.com/conference/vb2019/abstracts/domestic-kitten-iranian-surveillance-program}, language = {English}, urldate = {2021-02-09} } Domestic Kitten: an Iranian surveillance program
FurBall
2019-06-18Trend MicroEcular Xu, Grey Guo
@techreport{xu:20190618:mobile:2ada6b8, author = {Ecular Xu and Grey Guo}, title = {{Mobile Campaign ‘Bouncing Golf’ Affects Middle East (IoCs)}}, date = {2019-06-18}, institution = {Trend Micro}, url = {https://documents.trendmicro.com/assets/appendix-mobile-cyberespionage-campaign-bouncing-golf-affects-middle-east.pdf}, language = {English}, urldate = {2021-02-09} } Mobile Campaign ‘Bouncing Golf’ Affects Middle East (IoCs)
FurBall
2019-06-18Trend MicroEcular Xu, Grey Guo
@online{xu:20190618:mobile:eef20ef, author = {Ecular Xu and Grey Guo}, title = {{Mobile Campaign ‘Bouncing Golf’ Affects Middle East}}, date = {2019-06-18}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/19/f/mobile-cyberespionage-campaign-bouncing-golf-affects-middle-east.html}, language = {English}, urldate = {2021-02-09} } Mobile Campaign ‘Bouncing Golf’ Affects Middle East
FurBall
2018-09-07Bleeping ComputerIonut Ilascu
@online{ilascu:20180907:domestic:18a5d5c, author = {Ionut Ilascu}, title = {{Domestic Kitten APT Operates in Silence Since 2016}}, date = {2018-09-07}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/domestic-kitten-apt-operates-in-silence-since-2016/}, language = {English}, urldate = {2021-02-09} } Domestic Kitten APT Operates in Silence Since 2016
FurBall Domestic Kitten

There is no Yara-Signature yet.