Our notoriously dangerous Predator commercial spyware kit is back – with upgrades.
Insikt Group, the threat research arm of cybersecurity firm Recorded Future, Reported last week that a new Predator infrastructure appeared in countries such as the Democratic Republic of Congo and Angola, suggesting that the US sanctions imposed on Intellexa, the company behind the Predator. they didn't exactly succeed.
"After Intellexa ... faced sanctions and (public) exposure, there was a marked decrease in Predator activity," Insikt Group says in its report on Predator. “However, according to our recent analysis, Predator is far from extinct".
Predator, like Pegasus from the NSO team and other commercial spyware, allows government actors to infiltrate devices and spy on users. The product is known for its ability to track locations, access device cameras, record calls, read messages, and do other privacy-infringing things.
The latest updates, unfortunately, indicate that the Predator will be much harder to spot.
According to Insikt, the Predator update it discovered further anonymizes client operations and makes it harder to identify affected users.
"This change makes it more difficult for researchers and cybersecurity defenders to track the spread of Predator," the researchers report.
"Defenders can mitigate risks by following cybersecurity best practices, such as regularly updating devices, using the lock function, and deploying mobile device management systems," Insikt recommends.
"Given the renewed presence of the Predator and the complexity of its infrastructure, individuals and organizations must remain vigilant."
THANKS ALWAYS USEFUL INFORMATION!!!