top of page
perceptive_background_267k.jpg

​​Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications​

Published:

24 november 2025 om 12:00:00

Alert date:

5 december 2025 om 08:03:22

Source:

cisa.gov

Click to open the original link from this advisory

CISA reports multiple cyber threat actors actively using commercial spyware to target users of mobile messaging applications including Signal and WhatsApp. Attackers employ sophisticated tactics including phishing QR codes, zero-click exploits, and platform impersonation. Current targeting focuses on high-value individuals including government officials, military personnel, and civil society organizations across the United States, Middle East, and Europe. The campaigns use social engineering to gain unauthorized access and deploy additional malicious payloads on mobile devices.

Technical details

Mitigation steps:

Affected products:

Signal
WhatsApp
ToTok
Telegram
Samsung Android Devices

Related links:

https://www.cisa.gov/news-events/alerts/2025/11/24/spyware-allows-cyber-threat-actors-target-users-messaging-applications
https://www.cisa.gov/resources-tools/resources/mobile-communications-best-practice-guidance
https://www.cisa.gov/resources-tools/resources/mitigating-cyber-threats-limited-resources-guidance-civil-society
https://cloud.google.com/blog/topics/threat-intelligence/russia-targeting-signal-messenger/
https://unit42.paloaltonetworks.com/landfall-is-new-commercial-grade-android-spyware/
https://thehackernews.com/2025/08/whatsapp-issues-emergency-update-for.html
https://zimperium.com/blog/clayrat-a-new-android-spyware-targeting-russia
https://www.bleepingcomputer.com/news/security/android-spyware-campaigns-impersonate-signal-and-totok-messengers/
https://securityaffairs.com/183169/malware/clayrat-campaign-uses-telegram-and-phishing-sites-to-distribute-android-spyware.html
https://www.reuters.com/world/us/whatsapp-banned-us-house-representatives-devices-memo-2025-06-23/
https://www.axios.com/2025/06/23/whatsapp-house-congress-staffers-messaging-app
https://therecord.media/judge-bars-nso-from-targeting-whatsapp-users-lowers-damages
https://therecord.media/researchers-spyware-uae-infections

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page