Iranian APT Targets Android Users With New Variants of DCHSpy Spyware - SecurityWeek

Iranian APT MuddyWater has been deploying a new version of the DCHSpy Android spyware, disguised as VPNs or banking applications, since the start of the Israel-Iran conflict. The spyware, likely developed for surveillance purposes, can harvest user accounts, contacts, SMS messages, and more, and has been distributed using political lures and Starlink themes.