SpyNote (Malware Family)

SpyNote

aka: CypherRat

Actor(s): OilRig

The malware has been released on github at https://github.com/EVLF/Cypher-Rat-Source-Code

2024-02-19 ⋅ Fortinet ⋅ Axelle Apvrille
Android/SpyNote bypasses Restricted Settings + breaks many RE tools
SpyNote

2024-02-15 ⋅ Fortinet ⋅ Axelle Apvrille
Android/SpyNote Moves to Crypto Currencies
SpyNote

2023-07-31 ⋅ Cleafy ⋅ Francesco Iubatti
SpyNote continues to attack financial institutions
SpyNote

2023-05-10 ⋅ K7 Security ⋅ Baran S
spynote
SpyNote

2023-01-05 ⋅ Bleeping Computer ⋅ Bill Toulas
SpyNote Android malware infections surge after source code leak
SpyNote

2023-01-05 ⋅ ThreatFabric ⋅ ThreatFabric
SpyNote: Spyware with RAT capabilities targeting Financial Institutions
SpyMax SpyNote

2022-12-06 ⋅ ⋅ 360 Threat Intelligence Center ⋅ 360 Beacon Lab
Analysis of suspected APT-C-56 (Transparent Tribe) attacks against terrorism
AhMyth Meterpreter SpyNote AsyncRAT

2022-08-17 ⋅ ⋅ 360 ⋅ 360 Threat Intelligence Center
Kasablanka organizes attacks against political groups and non-profit organizations in the Middle East
SpyNote Loda Nanocore RAT NjRAT

2022-08-10 ⋅ K7 Security ⋅ Baran S
spynote
SpyNote

2021-09-21 ⋅ civilsphereproject ⋅ civilsphereproject
Capturing and Detecting AndroidTester Remote Access Trojan with the Emergency VPN
SpyNote

2021-04-21 ⋅ Facebook ⋅ David Agranovich, Mike Dvilyanski
Taking Action Against Hackers in Palestine
SpyNote Houdini NjRAT

2020-12-10 ⋅ Intel 471 ⋅ Intel 471
No pandas, just people: The current state of China’s cybercrime underground
Anubis SpyNote AsyncRAT Cobalt Strike Ghost RAT NjRAT

2020-12-01 ⋅ Qianxin ⋅ Qi Anxin Threat Intelligence Center
Blade Eagle Group - Targeted attack group activities circling the Middle East and West Asia's cyberspace revealed
SpyNote BladeHawk

2020-07-15 ⋅ Relativity ⋅ Bartlomiej Czyż
An in-depth analysis of SpyNote remote access trojan
SpyNote

2020-03-31 ⋅ Volexity ⋅ Volexity Threat Research
Storm Cloud Unleashed: Tibetan Focus of Highly Targeted Fake Flash Campaign
SpyNote Stitch Godlike12 Storm Cloud

2019-04-30 ⋅ ClearSky ⋅ ClearSky Cyber Security
Raw Threat Intelligence 2019-04-30: Oilrig data dump link analysis
SpyNote OopsIE

There is no Yara-Signature yet.