Android users have been alerted about a significant security vulnerability.
Researchers from Google’s Threat Analysis Group (TAG) have warned that sophisticated PREDATOR spyware has been targeting Android cellphones in a number of nations around the world.
According to the company’s recent report, the spyware, which was purportedly produced by a commercial firm based in Skopje, North Macedonia, is capable of recording audio, adding CA certificates, and hiding programmes.
Cytrox's spyware is delivered through email, with victims receiving a one-time link that looks like a URL shortener service. The victim would then be sent to a URL owned by the attacker, where basic Android spyware dubbed ALIEN would be delivered.
PREDATOR and ALIEN
To reduce suspicion, the target endpoint would be redirected to a legitimate site.
ALIEN would then load PREDATOR and receive additional directives from it over IPC, such as audio recording; the malware lives inside numerous privileged processes.
The TAG team claims that this strategy has been employed before against journalists.
While specific targets are unknown in this case, the researchers discovered the spyware being used by government-backed entities in Egypt, Armenia, Greece, Madagascar, Ivory Coast, Serbia, Spain, and Indonesia.
The revelations have thrust business entities that manufacture “legal” spyware back into the spotlight. Companies like the NSO Group have been developing and marketing powerful malware to governments all over the world, claiming that their capabilities help law enforcement agencies combat terrorism and other national security concerns.
Security businesses, on the other hand, have discovered that these techniques have been utilised against journalists, political activists, the opposition, whistleblowers, close family members of high-ranking officials, and so on.
This caused privacy and human rights campaigners to call for a ban, which was successful in several nations. In the United States, for example, the NSO Group and its products have been prohibited.