Security researchers at Lookout have identified four newly active samples of the Android malware DCHSpy, a sophisticated surveillance tool attributed to the Iranian-linked cyber-espionage group MuddyWater, shortly after the Israel-Iran conflict escalated in mid-2025.
These findings underscore the group’s ongoing campaign to refine mobile surveillance capabilities and widen their targeting using innovative lures, including applications purporting to offer Starlink connectivity.
https://cyberpress.org/new-dchspy-android-malware/