We review vendors based on rigorous testing and research but also take into account your feedback and our affiliate commission with providers. Some providers are owned by our parent company.
Learn more
vpnMentor was established in 2014 as an independent site reviewing VPN services and covering privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize the independent, professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 as an independent site reviewing VPN services and covering privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize the independent, professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

Samsung Users in the UAE Targeted by Spyware

Samsung Users in the UAE Targeted by Spyware
Husain Parvez Published on 31st March 2023 Cybersecurity Researcher

The Threat Analysis Group (TAG) of Google has published a report on commercial spyware vendors exploiting vulnerabilities against iOS and Android users. One of the campaigns being tracked has targeted Android users in the UAE, with traces also being found in Indonesia, Belarus, and Italy — though it's possible the spyware has infected devices outside these regions without being detected.

Google’s TAG highlighted a campaign that took advantage of a “complete exploit chain consisting of multiple 0-days and n-days [vulnerabilities] targeting the latest version of Samsung Internet Browser”. The exploits were delivered by one-time links sent via SMS, which sent users to a malicious landing page where they would be infected with a “fully-featured Android spyware suite.”

Google's Threat Analysis Group (TAG) has revealed that the spyware responsible for exploiting Android vulnerabilities against users in the UAE was developed by a commercial vendor called Variston, based in Spain. According to the report, the spyware contains libraries for decrypting and capturing data from various chat and browser applications. The report also suggests that the actors behind the exploit chain may be a customer or partner of Variston.

Amnesty International’s Security Lab was the organization to first uncover the campaign, the details of which were shared with Google TAG. Amnesty International stated that this meant “Google, along with other affected vendors, including Samsung, were able to release security updates protecting billions of Android, Chrome and Linux users from the exploit techniques used in this attack.” These updates have helped to mitigate the threat posed by the spyware campaign and protect users from further security and privacy risks.

Donncha Ó Cearbhaill, Head of Amnesty International’s Security Lab, said, "Unscrupulous spyware companies pose a real danger to the privacy and security of everyone.” While these vulnerabilities have been fixed, Cearbhaill said this acts as nothing more than “sticking plaster to a global spyware crisis.” Cearbhaill added that a “moratorium on the sale, transfer, and use of spyware” is urgently needed to safeguard activists and journalists from cyberattacks.

Last week, US President Joe Biden’s executive order barred all federal agencies from deploying third-party spyware “that poses risks to the national security and foreign policy interests of the United States.” According to the press release statement, the U.S. government has identified devices associated with 50 agents that have been targeted by commercial spyware.

About the Author

Husain Parvez is a Cybersecurity Researcher and News Writer at vpnMentor, focusing on VPN reviews, detailed how-to guides, and hands-on tutorials. Husain is also a part of the vpnMentor Cybersecurity News bulletin and loves covering the latest events in cyberspace and data privacy.