
Report: Russian authorities seized phone from detainee, infected it with spyware

| Category | Details |
| --- | --- |
| Threat Actors | Russian authorities, Law enforcement, Government spyware developers |
| Campaign Overview | Infiltration of a detained citizen’s phone with spyware while in custody |
| Target Regions (Victims) | Kirill Parubets (a Russian programmer), Russian citizens |
| Methodology | Trojanized application installation, spyware embedded in a legitimate app |
| Product Targeted | Cube Call Recorder (legitimate Google Play Store app) |
| Malware Reference | Monokle family of spyware (similar code samples) |
| Tools Used | Cube Call Recorder (malicious version), Monokle spyware |
| Vulnerabilities Exploited | Trojanized legitimate apps, permissions abuse (SMS, location, call recording) |
| TTPs | Spyware embedding in legitimate apps, covert location tracking, data exfiltration |
| Attribution | Russian authorities, government contractors linked to Monokle spyware |
| Recommendations | Stronger app verification, advanced endpoint security measures, monitoring for trojanized apps |
| Source | The Record |

Read full article: https://therecord.media/russian-authorities-infected-detainee-phone-with-spyware

Disclaimer: The above summary has been generated by an AI language model

Source: The Record

Published on: December 5, 2024
