Google warns Android smartphones targeted by dangerous Predator spyware

Android users warned over serious security risk

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Android smartphonesin a number of countries around the world have been targeted by powerful PREDATOR spyware, researchers fromGoogle’s Threat Analysis Group (TAG) have warned.

The company’s recentreportsays that the spyware, allegedly developed by a commercial entity - a company called Cytrox, headquartered in Skopje, North Macedonia - is capable of recording audio, adding CA certificates, and hiding apps.

Cytrox is being distributed viaemail, with victims receiving a message carrying a one-time link mimicking a URL shortener service. Once clicked, the victim would then be redirected to a domain owned by the attacker, that would deliver simpleAndroid spywarecalled ALIEN.

Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at theend of this surveyto get the bookazine, worth $10.99/£10.99.

ALIEN and PREDATOR

The targetendpointwould then be redirected to a legitimate site, to minimize suspicion.

ALIEN, which lives inside multiple privileged processes, would then load PREDATOR, and receive further commands from the spyware over IPC, such as audio recording.

This technique, the TAG team says, was seen to be used before against journalists.

In this particular case, while specific targets are not known, the researchers have found the spyware to be used at least by government-backed actors in Egypt, Armenia, Greece, Madagascar, Ivory Coast, Serbia, Spain, and Indonesia.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

These Android spyware apps are spreading like wildfire>Some of the most basic Android apps might be spying on you more than you’d think>Beware Android users - These 23 apps may be spying on you

The findings have once again placed commercial entities, developing “legitimate” spyware, into the limelight. Companies such as the NSO Group have been building powerfulmalwareand selling it to governments around the world, claiming their tools assist law enforcement agencies in the fight against terrorism, and other threats to national security.

However, security firms have found these tools to be used, numerous times, against journalists, political activists, the opposition, whistleblowers, close family members of high-ranking officials, etc.

This has prompted privacy and human rights activists to demand its termination and in some countries, it worked.NSO Group, and its products, for example, have been banned in the United States.

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

A new form of macOS malware is being used by devious North Korean hackers

Scammers are using fake copyright infringement claims to hack businesses

How to turn off Meta AI