North Korean state-sponsored hackers have been using a new piece of malware, known as “Dolphin,” to steal data from people’s phones. Private security company ESET discovered that once the malware is established on a Windows PC, it will search the storage of any phone connected to the device for information to steal. The Dolphin malware is believed to be used by multiple spyware and digital espionage groups working for the North Korean government, primarily to gather information on South Korea and other Asian governments and industrial interests. It is deployed through “watering hole” attacks, which infect websites frequented by high-profile users connected to governments, banks, and other potential high-level targets. The malware searches for sensitive information and files on the phone’s storage and uploads them to a Google Drive account, where hackers can easily retrieve them. It also collects keystrokes and takes screenshots. This serves as a reminder that the data storage on phones is not any more or less secure than on PCs, and both can become points of vulnerability.
