Nightmare team-up
Intellexa is a company that creates commercial spyware for sale to law enforcement and governments. It named two spyware apps that can be invisibly installed on Android and iOS devices, "Alien" and "Predator," after famous movies. While it is technically legal to sell this spyware to various public authorities, the security community is not very enthusiastic about its existence and is spending considerable resources on figuring out how this malware works. Recently, Cisco Talos and The Citizen Lab made some interesting advances in their research.
Alien was thought to be simply the program used to load Predator onto the device, but their findings suggest it is something much more. Alien is injected into the Android Zygote process via various zero-day vulnerabilities Intellexa is familiar with, enabling the invisible installation of the Predator spyware payload. It seems that it can also create a shared memory area to store captured audio and data, or add its SELinux context label to any app, to circumvent security protections enabled on the phone.
Once Alien is in there, it can spread Predator's processes across many threads to make detection even more difficult. Additionally, it goes without saying that it allows Predator to be updated so that it can continue to function even after the vulnerability it originally exploited has been patched. Predator itself can execute arbitrary code, hide applications, simply stop running, record audio on or around the device, and install user certificates.
If your digestion hasn't gone bad yet, there is even worse to read about these two spyware apps on The Register.