1 min read

Advanced Android spyware found by Google after bypassing security for 3 years

Luana PASCU

April 05, 2017

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Advanced Android spyware found by Google after bypassing security for 3 years

Google has detected Chrysaor, the Android version of the infamous Pegasus iOS spyware. It is believed to have been infecting devices for three years while avoiding detection, the company wrote on its blog. Infection was caused by installation of an app from a third-party store; Google Play did not have infected applications for download.

Pegasus, the most advanced surveillance tool sold by NSO Group, exploited three unpatched zero-day vulnerabilities in iOS and was detected last August when it targeted Mexican journalist and UAE activist Rafael Cabrera.

Chrysaor shares many of Pegasus” features, but comes with added specs; it collects all data associated with SMS settings, SMS messages, call logs, browser history, calendar, contacts, emails, and messages from messaging apps and social networks, captures screenshots, answers calls and allows the caller to hear conversations in the background, and self-destructs in case of detection.

These features allowed the hacker to monitor and steal all activity on the device and in its proximity. Not many devices were infected as Chrysaor was “used in a targeted attack on a small number of Android devices,” Google said. Most targets were in Israel, but individuals in Georgia, Mexico, Turkey and the UAE, among others, were also targeted.

The spyware was designed to target devices running Jellybean (4.3) or earlier, one sample analyzed by Google revealed.

“Upon installation, the app uses known framaroot exploits to escalate privileges and break Android’s application sandbox. If the targeted device is not vulnerable to these exploits, then the app attempts to use a super user binary pre-positioned at /system/csk to elevate privileges,” Google said.

NSO Group Technologies is a controversial Israeli company that develops and sells surveillance software that has been used against journalists and human rights activists. In 2012 the Mexican government confirmed signing a $20 million contract with NSO Group.

tags


Author



Right now

Top posts

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

June 22, 2022

1 min read
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

May 24, 2022

3 min read
John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

John Oliver Shows the Dark Side of Data Brokerage on Last Week Tonight

April 15, 2022

3 min read
Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

Bitdefender Labs Warns of Phishing Scams Targeting MetaMask Users

April 14, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

How to keep your Android device immune to malicious vaccine themed apps How to keep your Android device immune to malicious vaccine themed apps
Cristina POPOV

April 22, 2021

2 min read
Facebook Takes Down Two Hacking Groups Operating out of Palestine Facebook Takes Down Two Hacking Groups Operating out of Palestine
Silviu STAHIE

April 22, 2021

2 min read
Ransomware attack causes supermarket cheese shortage in the Netherlands Ransomware attack causes supermarket cheese shortage in the Netherlands
Graham CLULEY

April 13, 2021

2 min read