The latest campaign by Domestic Kitten not only highlights the rise of using phishing as an initial attack vector, but also the growing mobile malware market. This form of malware should be on the radar of every enterprise, especially ones with Bring-Your-Own-Device (BYOD) policies, as there are limited ways for an employer to monitor their employees’ mobile devices. With the growing threat of malware targeting mobile devices, it is becoming more and more likely that a company’s employee may have their own device compromised. While these Domestic Kitten campaigns primarily focused on harvesting personal data from Iranian regime dissidents, a different form of malware can be loaded just as easily, which then increases the risk of compromise. With this is mind, the best step to take as an organization would be to only allow company information on corporate devices. Additionally, user education is imperative to ensure a strong security posture.
https://thehackernews.com/2022/10/hackers-using-new-version-of-furball.html
