A New Spyware-For-Hire, Predator, Caught Hacking Phones Of Politicians And Journalists

While the NSO Group was being chastised for hacking into the phones of journalists, activists, and human rights advocates, a whole industry of spyware producers and surveillance-for-hire firms went about their business undisturbed.

On behalf of authoritarian regimes targeting their most outspoken opponents, these private surveillance organisations design and use exploits for never-before-seen vulnerabilities that stealthily hack into a victim’s phone and take its contents: call records, text messages, emails, location data, and more.

Seven surveillance-for-hire companies have been barred from using Facebook’s platforms to target other users, following an inquiry by Citizen Lab and Facebook’s new parent company

Cytrox, a spyware company situated in North Macedonia, is one of the firms that have been blacklisted. Meta discovered the organisation was utilising a “vast” infrastructure of web domains that looked like reputable news sites to target users’ iPhone and Android devices.

Cytrox was served with legal notifications, and hundreds of domains related to its infrastructure were disabled, according to Meta.

Meta was acting on the findings of Citizen Lab, which on Thursday also issued a forensic analysis of the hacking of the phones of two Egyptians living in exile: a former politician and the host of a popular news show who did not want to be identified.

Citizen Lab said that Cytrox created the Predator malware that infected their phones in July 2021.

The malware was originally detected on the iPhone of Ayman Nour, an Egyptian lawmaker and outspoken critic of the country’s current president, Abdel Fattah el-Sisi, who gained power in 2013 after a military coup. When Nour’s phone went “hot” while he was in exile in Turkey, he became suspicious. Nour’s phone had been infected with Pegasus, the now-famous malware manufactured by NSO Group, according to Citizen Lab.

This led to the finding that his phone had been infected with the recently discovered Predator malware at the same time.

At the time of the attacks, both Nour’s phone and the phone of the news show’s host were running iOS 14.6, the most recent version of iOS, implying that the malware used a never-before-seen flaw in the iPhone’s software to infect the phones.

Apple spokesman Scott Radcliffe declined to comment on whether the firm has patched the flaw.

Predator is identical to NSO’s Pegasus in terms of characteristics. According to Citizen Lab, Nour received a malicious link over WhatsApp.

When the spyware is activated, it may get access to a phone’s cameras and microphone, as well as exfiltrate data. Predator, unlike Pegasus, does not have the capacity to stealthily infect a phone without user input, but it compensates with persistence.

Citizen Lab claims the malware can survive a reboot of an iPhone, which generally clears any spyware residing in its memory, by creating an automation using the Shortcuts function built into iOS.

The researchers noted that Nour’s phone was infected with both Pegasus and Predator at the same time, but that the infections were most likely unconnected.
