Tainted VPN installers are being used to deliver a piece of surveillanceware dubbedEyeSpyas part of a malware campaign that started in May 2022. It uses “components of SecondEye a legitimate monitoring application to spy on users of 20Speed VPN, an Iranian-based VPN service, via trojanized installers,” Bitdefendersaidin an analysis. A majority of the infections are said to originate in