Beware: Spyware Hidden in Fake Arabic Dating App
The hacker group, Arid Viper (APT-C-23, Desert Falcon, TAG-63), has inaugurated an espionage operation, leveraging a counterfeit dating application tailored for Android devices aimed at Arabic-speaking users. According to intelligence from Cisco Talos, the malevolent software possesses the capability to clandestinely amass confidential data from compromised devices and embed further malicious software.
Arid Viper’s activities, believed to be affiliated with HAMAS due to parallel infrastructural nuances, have been under surveillance since 2017. However, the detected campaign took its inception in April 2022 and remains distinct from the Israeli-Palestinian strife.
Graph showing the network of companies
Image: Cisco Talos
The cyber malefactors employed the code from a legitimate dating application named Skipped, hinting at a potential emulation of its features to ensnare unsuspecting users. Analogous applications, ostensibly engineered by Arid Viper, are accessible within official app repositories, alluding to prospective intentions of harnessing them in imminent cyber onslaughts.
The following online dating applications that are connected to Skipped GmbH can be installed from the Google Play Store or the Apple App Store:
- “SKIPPED – Chat, Match & Dating”: 50K downloads on Google Play.
- “Joostly – Dating App! Singles,”: 10K downloads on Google Play.
- “VIVIO – Chat, flirt & Dating”: Available on Apple App Store.
- “Meeted (previously Joostly) – Flirt, Chat & Dating”: Available on Apple App Store.
Their modus operandi encompasses directing the prey to a video tutorial on the dating application, wherein a concealed hyperlink within the description leads to the malevolent software. This software, once incepted, seamlessly cloaks itself within the compromised devices, neutralizing system notifications and soliciting elevated privileges to access personal data.
Beyond collating system-specific intel, the software can introduce additional pernicious applications, camouflaging themselves as renowned applications such as Facebook Messenger, Instagram, and WhatsApp.
