Dark Caracal: EFF Reveals Malware That Allows Hackers to Spy on Thousands

By Thoinot Arbeau / January 19, 2018

Dark Caracal is an online campaign that gave way to hackers to spy on people who live in more than 20 countries. The hackers managed to steal thousands of gigabytes of data. Furthermore, they actively spied on thousands of people that reside in these countries. The Electronic Frontier Foundation (EFF) and Lookout, a security company, revealed the report. It states that fake mobile applications were used in this espionage campaign. The most common were fakes of messaging apps such as WhatsApp and Signal.

Dark Caracal

Eva Galperin, EFF Director of Cybersecurity, stated that Dark Caracal had hit people in several countries. This includes US, Canada, Germany, Lebanon, and France. She also adds that the main targets are activists, journalists, lawyers and army personnel. Hackers steal all types of documents and this includes even call recordings. Galperin expresses her concerns, adding that this was a global campaign which was focused mostly on mobile phones.

EFF and Lookout stated that they can trace Dark Caracal's origins to Lebanese General Security Directorate building. Moreover, they state that this is not the first global attack but that it is the first that focuses on mobile phones.

The thing that should worry everyone, however, is that Dark Caracal is not a brand-new and sophisticated type of campaign. Hackers who made fake apps attacked the phones by users voluntarily giving them permission. This way, the malware software was able to monitor speakers, cameras, and all the other data.

Google Android Security Team stated that they are working on removing the threat. The Android users should only download applications from the official Google Play Store. Moreover, they should always check who the publisher is. This way, they can avoid fake apps that contain malware.

Although there are attacks like this going on, we can protect ourselves. One should always come up with difficult passwords and always check their download sources. What do you think - is this attack going to affect Google Play Store and its reputation?

For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: