The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday issued an alert warning of bad actors actively leveraging commercial spyware and remote access trojans (RATs) to target users of mobile messaging applications.

"These cyber actors use sophisticated targeting and social engineering techniques to deliver spyware and gain unauthorized access to a victim's messaging app, facilitating the deployment of additional malicious payloads that can further compromise the victim's mobile device," the agency said .

CISA cited as examples multiple campaigns that have come to light since the start of the year. Some of them include -

The targeting of the Signal messaging app by multiple Russia-aligned threat actors by taking advantage of the service's "linked devices" feature

See Full Page