Google Warns That ‘ALIEN’ Spyware Is Installing Predator Malware On Android Devices

Android users worldwide are being targeted by new spyware known as "ALIEN," which can install the "PREDATOR" malware. The spyware was allegedly created by the North Macedonian company Cytrox. At least three active campaigns have been confirmed by Google's Threat Analysis Group (TAG).
SIA Team
May 23, 2022

According to Google, 0-day exploits based on the Alien spyware are being used alongside some older exploits. Malware developers appear to be actively attempting to exploit the time lag between when some critical bugs were patched but not flagged as security issues and when these patches were fully deployed across the Android ecosystem.

Google claims that a single commercial surveillance company, Cytrox, packaged multiple exploits that fall under the Alien spyware category and sold them to various government-backed groups. Citizen Lab, an online security research firm, has also detected multiple attacks, which Google claims are all linked to the Alien spyware.

The malware appears to be spreading primarily via email. Victims receive emails containing suspicious links, and clicking any of these links takes the victim to a website that installs the malware. It then loads its main payload, the Predator malware, before opening the originally intended website.

“All three [spyware] campaigns delivered one-time links mimicking URL shortener services to the targeted Android users via email. The campaigns were limited — in each case, we assess the number of targets in the tens of users. Once clicked, the link redirected the target to an attacker-owned domain that delivered the exploits before redirecting the browser to a legitimate website,” Google said.

The virus can record audio, hide apps, and perform a variety of other nefarious activities. 

Google said that patches have been distributed to address the vulnerabilities. 

However, Android users should exercise caution when opening emails from unknown sources. 

Furthermore, email users should never click on links embedded in emails without first verifying the sender’s identity.