Security is an aspect of vital importance today, since digitization and technological progress have led to a significant evolution when it comes to using our mobile, since we spend many hours with it. In this sense, the developers of the operating systems try to keep any threat at bay, but Android is a very vulnerable software despite the efforts of the Play Protect antivirus and this causes it to be the victim of multiple attacks by cybercriminals.
In fact, about a day ago, Google itself warned that the mobiles under its program are the target of the dangerous spy virus known as Predator. This again shows the gaps in the system.
An issue in which the American company should work reliably, since it is not the first time that something similar has happened. However, this time it is a very famous malware due to its purpose and that is why you have to be very careful.
Android in trouble
Researchers from the Google Threat Analysis Group have reported on this situation and even warn that there are numerous countries throughout the world where this spy virus called Predator is operating.
On the other hand, the report carried out by this entity indicates that this malware is initially developed by a company called Cytrox, whose headquarters are in North Macedonia. Also, among the actions you can perform are the ability to record audio, hide applications or add digital certificates. Practices that completely invade the privacy of the user.
It should be noted that Predator is distributed via email , where victims receive a message with a link inside that mimics a URL shortening service. If you decide to click, you will be redirected to the domain of the attacker, who introduced a dedicated Android spyware known as ALIEN. A method that overlooks and does not raise suspicions at first.
How alien works
The procedure of this malware is quite simple. ALIEN occupies a slot within privileged processes to install Predator and load more spy commands like the aforementioned audio recording. A technique that, according to the TAG, has already been used previously against journalists.
Its exact purposes are unknown, but researchers have revealed that this Android malware is used by government-backed actors in Spain , Egypt, Armenia, Ivory Coast, Serbia, Greece, Madagascar, and Indonesia.
This discovery by Google researchers has reopened the debate about companies that develop “legitimate” spyware . There are cases like NSO Group that have generated and sold very powerful malware to governments around the world. All this under the excuse that they are tools that are of great help in the fight against terrorism or other national threats.
However, corporations in the security field have shown how these instruments are used on multiple occasions to deal with journalists, activists, political opposition, whistleblowers… A scenario that has led human rights activists to demand an end to these practices that pose a danger to all users with an Android smartphone. To such an extent that NSO Group products have been completely banned in the United States.
