LightSpy is a modular surveillance framework that can be used to steal a variety of data, including files, screenshots, mobile location data, or even messenger data from apps like Telegram. It was first documented by TrendMicro and Kapersky in 2020 as an iOS implant. At the time, LightSpy would spread through a watering hole method, which is to say that targets would be directed to pages mimicking local news sites. An example page can be seen in the image below. The APT group said to be resp