Experts at ESET have said that bogus Android apps are being installed on the handsets of Kurds in a spying drive promoted across social media.
The researchers also said that a string of attacks executed by the BladeHawk hacking group is focused on targeting the Kurdish ethnic group through their Android handsets.
Believed to have been active for more than a year, the campaign is exploiting Facebook and using the social media platform as a trigger for the distribution of forged mobile apps.
At the time of writing, six Facebook profiles connected to BlackHawk — all of which now taken down — had been identified.
While they were active, these profiles represented as people in the technology domain and as Kurd supporters in order to share links to the group’s malevolent apps.
According to ESET, the apps have been downloaded 1,481 times.
BladeHawk’s phony applications were promoted as news services for the Kurdish fraternity; however, they are sheltering 888 RAT and SpyNote, two Android-based Remote Access Trojans (RATs) which allow the invaders to spy on their victims.