Predator spyware sold with Chrome, Android zero-day exploits to monitor targets.
Or so says Google after tracking 30+ vendors peddling surveillance malware
Spyware vendor Cytrox sold zero-day exploits to government-backed snoops who used them to deploy the firm's Predator spyware in at least three campaigns in 2021, according to Google's Threat Analysis Group (TAG).
The Predator campaigns relied on four vulnerabilities in Chrome (CVE-2021-37973, CVE-2021-37976, CVE-2021-38000 and CVE-2021-38003) and one in Android (CVE-2021-1048) to infect devices with the surveillance-ware.
Based on CitizenLab's analysis of Predator spyware, Google's bug hunters believe that the buyers of these exploits operate in Egypt, Armenia, Greece, Madagascar, Côte d'Ivoire, Serbia, Spain, Indonesia, and possibly other countries.
https://www.theregister.com/2022/05/24/predator_spyware_zero_days/
@cRyPtHoN_INFOSEC_IT
@cRyPtHoN_INFOSEC_FR
@cRyPtHoN_INFOSEC_EN
@cRyPtHoN_INFOSEC_DE
@BlackBox_Archiv
