Lookout attributes WyrmSpy and DragonEgg to infamous Chinese espionage group APT41, which has not slowed down since recent indictments by the U.S. government.
APT41 is known to target a wide range of public and private sector organizations, including nation-state governments, software development companies, computer hardware manufacturers, telecommunications providers, social media companies, and video game companies.
An established threat actor like APT41 turning their focus to mobile devices shows that mobile endpoints are high-value targets with coveted data.
WyrmSpy and DragonEgg use modules to hide their malicious intentions and avoid detection.
WyrmSpy and DragonEgg were first reported to Lookout Threat Intelligence Services subscribers in October 2020 and January 2021 respectively in full write-ups that included IOCs, YARA rules, and additional threat analysis.
Add comment