ThaiCERT    ETDA    MDES
Report
Search
Home > List all groups > List all tools > List all groups using tool GlanceLove

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: GlanceLove

NamesGlanceLove
WinkChat
CategoryMalware
TypeBackdoor, Info stealer, Exfiltration
Description(Check Point) About 100 people fell victim to the attack that came in the form of fake World Cup and online dating apps that had been uploaded to the Google Play Store, the official app store of Google.

Once the apps were installed onto the victims’ phones, the highly invasive malware was then able to carry out a number of malicious activities:

• Record the user’s phone calls.
• Take a picture when the user receives a call.
• Steal the user’s contacts.
• Steal the user’s SMS messages.
• Steal all images and videos stored on the mobile device and information on where they were taken.
• Capture the user’s GPS location.
• Take random recordings of the user’s surroundings.
• Steal files and photos from the mobile device’s storage.
Information<https://blog.checkpoint.com/2018/07/05/an-invasive-spyware-attack-on-military-mobile-devices/>
<https://symantec-blogs.broadcom.com/blogs/expert-perspectives/goldencup-new-cyber-threat-targeting-world-cup-fans>
<https://securelist.com/breaking-the-weakest-link-of-the-strongest-chain/77562/>
<https://www.clearskysec.com/glancelove/>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/apk.glancelove>

Last change to this tool card: 13 May 2020

Download this tool card in JSON format

Previous: Ghole
Next: GLASSES

All groups using tool GlanceLove

ChangedNameCountryObserved

APT groups

 Desert Falcons[Gaza]2011-Dec 2020X

1 group listed (1 APT, 0 other, 0 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1234
E-mail report@thaicert.or.th
PGP Download PGP key