{"id":443203,"date":"2022-11-02T09:00:22","date_gmt":"2022-11-02T11:00:22","guid":{"rendered":"https:\/\/teknomers.com\/fr\/des-experts-mettent-en-garde-contre-le-logiciel-espion-android-sandstrike-infectant-des-appareils-via-une-application-vpn-malveillante\/"},"modified":"2022-11-02T09:00:24","modified_gmt":"2022-11-02T11:00:24","slug":"des-experts-mettent-en-garde-contre-le-logiciel-espion-android-sandstrike-infectant-des-appareils-via-une-application-vpn-malveillante","status":"publish","type":"post","link":"https:\/\/teknomers.com\/fr\/des-experts-mettent-en-garde-contre-le-logiciel-espion-android-sandstrike-infectant-des-appareils-via-une-application-vpn-malveillante\/","title":{"rendered":"Des experts mettent en garde contre le logiciel espion Android SandStrike infectant des appareils via une application VPN malveillante"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both\"><\/div>\n<p>Une campagne de logiciels espions Android jusque-l\u00e0 non document\u00e9e a \u00e9t\u00e9 d\u00e9couverte frappant des personnes parlant persan en se faisant passer pour une application VPN apparemment inoffensive.<\/p>\n<p>La soci\u00e9t\u00e9 russe de cybers\u00e9curit\u00e9 Kaspersky suit la campagne sous le nom <strong>Frappe de sable<\/strong>.  Il n&#8217;a pas \u00e9t\u00e9 attribu\u00e9 \u00e0 un groupe de menace particulier.<\/p>\n<p>&#8220;SandStrike est distribu\u00e9 comme un moyen d&#8217;acc\u00e9der \u00e0 des ressources sur le <a rel=\"nofollow noopener\" href=\"https:\/\/en.wikipedia.org\/wiki\/Bah%C3%A1%CA%BC%C3%AD_Faith\" target=\"_blank\">religion bah\u00e1&#8217;\u00ede<\/a> qui sont interdits en Iran \u00bb, a not\u00e9 la soci\u00e9t\u00e9 dans son <a rel=\"nofollow noopener\" href=\"https:\/\/securelist.com\/apt-trends-report-q3-2022\/107787\/\" target=\"_blank\">Rapport sur les tendances APT<\/a> pour le troisi\u00e8me trimestre 2022.<\/p>\n<p>Bien que l&#8217;application soit apparemment con\u00e7ue pour fournir aux victimes une connexion VPN pour contourner l&#8217;interdiction, elle est \u00e9galement configur\u00e9e pour siphonner secr\u00e8tement les donn\u00e9es des appareils des victimes, telles que les journaux d&#8217;appels, les contacts et m\u00eame se connecter \u00e0 un serveur distant pour r\u00e9cup\u00e9rer des commandes suppl\u00e9mentaires.<\/p>\n<p>Le service VPN pi\u00e9g\u00e9, bien que pleinement fonctionnel, serait distribu\u00e9 via un canal Telegram contr\u00f4l\u00e9 par l&#8217;adversaire.<\/p>\n<p>Des liens vers la cha\u00eene sont \u00e9galement annonc\u00e9s sur des comptes de m\u00e9dias sociaux fabriqu\u00e9s sur Facebook et Instagram dans le but d&#8217;inciter les victimes potentielles \u00e0 t\u00e9l\u00e9charger l&#8217;application.<\/p>\n<p>Selon un rapport d&#8217;Amnesty International <a rel=\"nofollow noopener\" href=\"https:\/\/www.amnesty.org\/en\/latest\/news\/2022\/08\/iran-stop-ruthless-attacks-on-persecuted-bahai-religious-minority\/\" target=\"_blank\">publi\u00e9<\/a> en ao\u00fbt 2022, le minist\u00e8re iranien du Renseignement a arr\u00eat\u00e9 au moins 30 membres de la communaut\u00e9 dans diverses r\u00e9gions du pays depuis le 31 juillet 2022.<\/p>\n<div class=\"ad_two clear\"><a rel=\"nofollow noopener\" href=\"https:\/\/go.thn.li\/crowd-mid-d\" target=\"_blank\" title=\"CyberSecurity\"><img decoding=\"async\" alt=\"La cyber-s\u00e9curit\u00e9\" class=\"lazyload\" loading=\"lazy\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2022\/11\/Des-chercheurs-divulguent-les-details-de-la-faille-RCE-critique.png\" width=\"728\" height=\"90\" \/><\/a><\/div>\n<p>La minorit\u00e9 religieuse a \u00e9t\u00e9 <a rel=\"nofollow noopener\" href=\"https:\/\/www.voanews.com\/a\/iranian-authorities-arrest-12-baha-i-members-in-continuing-crackdown-on-faith\/6730778.html\" target=\"_blank\">pers\u00e9cut\u00e9<\/a> par <a rel=\"nofollow noopener\" href=\"https:\/\/www.timesofisrael.com\/iran-said-to-arrest-14-more-bahai-as-part-of-recent-crackdown\/\" target=\"_blank\">autorit\u00e9s iraniennes<\/a>, <a rel=\"nofollow noopener\" href=\"https:\/\/www.atlanticcouncil.org\/blogs\/iransource\/iran-must-end-its-relentless-violations-against-the-bahais\/\" target=\"_blank\">accuser<\/a> d&#8217;\u00eatre des espions ayant des liens avec Isra\u00ebl, conduisant \u00e0 &#8220;des raids, des arrestations arbitraires, des d\u00e9molitions de maisons et des accaparements de terres&#8221;.<\/p>\n<p>&#8220;Les acteurs APT sont d\u00e9sormais utilis\u00e9s avec acharnement pour cr\u00e9er des outils d&#8217;attaque et am\u00e9liorer les anciens afin de lancer de nouvelles campagnes malveillantes&#8221;, a d\u00e9clar\u00e9 Victor Chebyshev, chercheur en s\u00e9curit\u00e9 chez Kaspersky. <a rel=\"nofollow noopener\" href=\"https:\/\/www.kaspersky.com\/about\/press-releases\/2022_new-sandstrike-spyware-targets-android-users-with-booby-trapped-vpn-application\" target=\"_blank\">a dit<\/a>.<\/p>\n<p>&#8220;Dans leurs attaques, ils utilisent des m\u00e9thodes rus\u00e9es et inattendues. Aujourd&#8217;hui, il est facile de diffuser des logiciels malveillants via les r\u00e9seaux sociaux et de rester ind\u00e9tectables pendant plusieurs mois, voire plus.&#8221;<\/p>\n<p><\/p>\n<\/div>\n<p><br \/>\n<br \/><a href=\"https:\/\/thehackernews.com\/2022\/11\/experts-warn-of-sandstrike-android.html\" rel=\"nofollow noopener\" target=\"_blank\">ttn-fr-57<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Une campagne de logiciels espions Android jusque-l\u00e0 non document\u00e9e a \u00e9t\u00e9 d\u00e9couverte frappant des personnes parlant persan en se faisant passer pour une application VPN apparemment inoffensive. La soci\u00e9t\u00e9 russe de cybers\u00e9curit\u00e9 Kaspersky suit la campagne sous le nom Frappe de sable. Il n&#8217;a pas \u00e9t\u00e9 attribu\u00e9 \u00e0 un groupe de menace particulier. &#8220;SandStrike est [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":443204,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[8738,8737,1832,4168,841,4158,4165,4161,133,16034,692,525,57505,4157,4159,4171,4170,6816,4167,45272,3915,4160,4163,4162,121393,4172,4169,196,4166,27977,4164],"class_list":["post-443203","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technologie","tag-android","tag-appareils","tag-application","tag-comment-pirater","tag-contre","tag-cyber-actualites","tag-cyber-attaques","tag-cyber-mises-a-jour","tag-des","tag-espion","tag-experts","tag-garde","tag-infectant","tag-lactualite-de-la-cybersecurite","tag-lactualite-de-la-cybersecurite-aujourdhui","tag-lactualite-des-hackers","tag-la-securite-des-informations","tag-logiciel","tag-logiciel-malveillant-de-ransomware","tag-malveillante","tag-mettent","tag-mises-a-jour-de-la-cybersecurite","tag-nouvelles-de-piratage","tag-nouvelles-de-pirates","tag-sandstrike","tag-securite-informatique","tag-securite-internet","tag-une","tag-violation-de-donnees","tag-vpn","tag-vulnerabilite-logicielle"],"_links":{"self":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/443203","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/comments?post=443203"}],"version-history":[{"count":0,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/443203\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media\/443204"}],"wp:attachment":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media?parent=443203"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/categories?post=443203"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/tags?post=443203"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}