May 22, 2022
Google: Predator spyware infected Android devices using zero-days
Posted by Genevieve Klien in categories: government, military, mobile phones, surveillance
Google’s Threat Analysis Group (TAG) says that state-backed threat actors used five zero-day vulnerabilities to install Predator spyware developed by commercial surveillance developer Cytrox.
In these attacks, part of three campaigns that started between August and October 2021, the attackers used zero-day exploits targeting Chrome and the Android OS to install Predator spyware implants on fully up-to-date Android devices.
“We assess with high confidence that these exploits were packaged by a single commercial surveillance company, Cytrox, and sold to different government-backed actors who used them in at least the three campaigns discussed below,” said Google TAG members Clement Lecigne and Christian Resell.