Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 14:34:07 UTC
Home > List all groups > List all tools > List all groups using tool GlanceLove
 Tool: GlanceLove
Names
GlanceLove
WinkChat
Category Malware
Type Backdoor, Info stealer, Exfiltration
Description
(Check Point) About 100 people fell victim to the attack that came in the form of fake World
Cup and online dating apps that had been uploaded to the Google Play Store, the official app
store of Google.
Once the apps were installed onto the victims’ phones, the highly invasive malware was then
able to carry out a number of malicious activities:
• Record the user’s phone calls.
• Take a picture when the user receives a call.
• Steal the user’s contacts.
• Steal the user’s SMS messages.
• Steal all images and videos stored on the mobile device and information on where they were
taken.
• Capture the user’s GPS location.
• Take random recordings of the user’s surroundings.
• Steal files and photos from the mobile device’s storage.
Information
Malpedia Last change to this tool card: 13 May 2020
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=bac795fd-7799-42f2-920c-eb6d4d4c12e9
Page 1 of 2

Download this tool card in JSON format
All groups using tool GlanceLove
Changed Name Country Observed
APT groups
  Desert Falcons [Gaza] 2011-Oct 2023
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=bac795fd-7799-42f2-920c-eb6d4d4c12e9
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=bac795fd-7799-42f2-920c-eb6d4d4c12e9
Page 2 of 2