Clicking on the malicious link would redirect the victim to a legitimate website while delivering the malware in between. In the three campaigns that the researchers analyzed, the malware reached the victims via shortened URLs delivered by emails. The malware can reach the target via various means. It also performs stealth spying and data-stealing activities, like the notorious Pegasus malware, on the target device. Predator is powerful spyware from the commercial surveillance firm Cytrox. The 0-day exploits were used alongside n-day exploits as the developers took advantage of the time difference between when some critical bugs were patched but not flagged as security issues and when these patches were fully deployed across the Android ecosystem. Describing this phenomenon, the researchers stated,
While all the five bugs have already received the fixes, the threat actors behind the malicious campaign still managed to exploit them effectively. Identified as CVE-2021-1048, it was a use after free flaw leading to local privilege escalation. These include the following four vulnerabilities in Google Chrome. And now, they have shared details about the five vulnerabilities exploited recently. In a recent post, Google Threat Analysis Group (TAG) researchers have shared details about the Predator malware campaigns exploiting Android zero-day vulnerabilities.Īs explained, they previously found the malware exploiting other zero-day flaws in 2021. Predator Spyware Exploiting Android Zero-Day Bugs Researchers from Google found five different zero-day bugs that the notorious Predator spyware exploited to target Android devices.
0 kommentar(er)
