Predator: Explained: What is Predator spyware and why is Google warning Android smartphone users about it?

Google’s. researchers of threat analysis groupTAG has recently warned about the mighty Hunter spyware that is targeting Android devices, worldwide. Google’s TAG looks for zero-day vulnerabilities that could be exposed by cybercriminals and other threat actors, as part of an ongoing effort to make Android smartphones more secure. These vulnerabilities pose a serious threat because they have just been exposed and Google A patch has been released to fix them.
What is Predator spyware?
Recent reports from the tech giant mention that Predator spyware is reportedly developed by a commercial entity. Google suspects that this spyware was developed by a company called Citrox headquartered in Skopje. North Macedonia, This malicious spyware is capable of recording audio, adding CA certificates and even hiding apps. Predator spyware was sold to government-backed bullies in Egypt, Armenia, Greece, Madagascar, Cte d’Ivoire, Serbia, Spain and Indonesia, where it was used secretly by political rivals, journalists and other outspoken high-valuers such as was used to spy on targets. Critics of their respective governments.
How did Google’s TAG discover this spyware?
TAG has highlighted three different campaigns that took place between August and October 2021 in a new blog post. In these campaigns, state-backed attackers used five separate zero-day vulnerabilities to install Predator spyware on fully updated Android devices.
How do Alien and Predator spyware work?
Cytrox is using email to deliver this spyware where victims are receiving a message that is attached with a one-time link that simulates a URL shortener service. After clicking on the link the victims are being redirected to the domain owned by the attacker. This domain will distribute a simple Android malware called Alien before redirecting their browser to a legitimate website.
The Alien Android Malware Predator is responsible for loading the spyware that previously infected targeted Android devices. Alien receives commands from Predator that allows spyware to record audio, add CA certificates, and even hide apps on a user’s device.
What is Predator spyware used against?
like spyware hunter and pegasus Not used like traditional malware. This spyware is used against high-value targets such as journalists and politicians. For example, the number of targeted users in the campaigns discussed by Google was in the tens. Different emote And want to cry, where thousands or millions of users were affected. Nevertheless, it is important to be aware of spyware and take necessary steps to avoid falling prey to them. Attackers can use this spyware to track your online activities across the web and create a profile on you.
What are zero-day vulnerabilities and why do attackers often use them?
Zero-day vulnerabilities have a wide attack surface, so cybercriminals and other threat actors like to take advantage of them in their attacks. Usually, after a patch has been released for them, the vulnerabilities are less harmful. However, it can still expose users who have not updated their system or software. In the case of a zero-day vulnerability, a patch has yet to be written and distributed, so their attacks have a very high chance of being successful.
Users can still fall prey to a zero-day attack even if they keep their systems and software up-to-date. This is why Google’s TAG and other cybersecurity experts are constantly on the lookout for new zero-day vulnerabilities that have yet to be exploited by attackers. This ongoing search will allow them to create a patch to alert vendors and fix them as quickly as possible before cybercriminals discover these vulnerabilities.

Source link

Sharing Is Caring:

Leave a Comment