Predator malware might be worse than previously though
New research argues the tool has additional functionalities
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Predator, the commercial Androidmalwaredeveloped by a company called Intellexa, might be worse than previously thought, as new research argues the tool has a lot of previously unknown functionalities.
Cybersecurity researchers from Cisco Talos recently publisheda thorough analysisof Predator and its loader Alien. As per the analysis, it was concluded that Alien is more than just a loader for Android and that by working in unison with Predator, allows for all kinds of intelligence gathering.
“When used together, these components provide a variety of information stealing, surveillance and remote-access capabilities,” the researchers said.
Commercial spyware
The malware allows its users to record audio from phone calls and VoIP apps, and steal data from chat apps such asWhatsAppor Telegram. Although not confirmed, the researchers believe the malware also allows for geolocation tracking, access to camera apps, and tricking the user into thinking the device is powered off (for easier use during the “off” time).
To make matters worse, even after such a thorough analysis, the researchers are still not sure they got to the bottom of it: “This capability list should not be considered exhaustive,” the researchers concluded.
The malware was developed in 2019, The Register reports, and is part of a larger software suite developed by Intellexa (previously known as Cytrox). The apps are available for both Android and iOS, it was said.
Are you a target of Pegasus spyware? Get an iPhone and stay safe>Pegasus spyware should face blanket ban, EU says>This is the best ID theft protection right now
In practice, Predator/Alien is similar to Pegasus, also commercial spyware developed by the Israeli NSO Group. Pegasus has since been banned and NSO Group blacklisted in the United States, after reports came out that the software was being used by oppressive regimes around the world to target journalists, human rights activists, dissidents, and other individuals who might threaten the ruling party in various governments around the world.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
The malware works by abusing zero-day vulnerabilities and other flaws.
Via:The Register
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
A new form of macOS malware is being used by devious North Korean hackers
Scammers are using fake copyright infringement claims to hack businesses
Quordle today – hints and answers for Saturday, November 9 (game #1020)
