DualToy is a Windows Trojan that attackers use to download malicious apps onto Android and iOS devices over a USB connection. This technique is also known as “sideloading.” When a computer running Windows becomes infected by DualToy, ads begin to appear and browser settings on the system are altered.
X-Agent, also referred to as “Sofacy,” is a remote access toolkit that works against the Android operating system and Apple’s iOS. This malware is known for its association with the state-sponsored hacker group “FANCY BEAR,” also known as “Sofacy” or “APT28,” a group tied to Russian Military Intelligence (GRU).
In August, Apple pushed an emergency iOS update to patch a set of zero-day vulnerabilities dubbed Trident. The zero-days include CVE-2016-4655, a memory corruption vulnerability; CVE-2016-4656, a kernel base mapping vulnerability; and CVE-2016-4657, a kernel memory corruption vulnerability that leads to jailbreaking the device. The Israeli software company NSO Group sold the vulnerabilities and the spyware used to exploit them, called “Pegasus.”
Fusob is one of the most prevalent forms of mobile ransomware. According to Kaspersky, Fusob represented over 56 percent of mobile ransomware activity between 2015 and 2016. US users make up approximately 11.4 percent of all Fusob victims. For US victims, the ransomware displays a screen with a statement claiming to be from the NSA, demanding a ransom for illegal actions taken and warning that a criminal case will be opened if the fine is not paid.