Please log in or register to do it.

A new analysis of the sophisticated commercial spyware called Predator has revealed that its ability to persist between reboots is offered as an “add-on feature” and that it depends on the licensing options opted by a customer.

“In 2021, Predator spyware couldn’t survive a reboot on the infected Android system (it had it on iOS),” Cisco Talos researchers Mike Gentile, Asheer Malhotra, and Vitor Ventura said in a report shared with The Hacker News. “However, by April 2022, that capability was being offered to their customers.”

Predator is the product of a consortium called the Intellexa Alliance, which includes Cytrox (subsequently acquired by WiSpear), Nexa Technologies, and Senpai Technologies. Both Cytrox and Intellexa were added to the Entity List by the U.S. in July 2023 for “trafficking in cyber exploits used to gain access to information systems.”

The latest findings come more than six months after the cybersecurity vendor detailed the inner workings of Predator and its harmonious equation with another loader component called Alien.

Microsoft Warns of New 'FalseFont' Backdoor Targeting the Defense Sector
Top 7 Trends Shaping SaaS Security in 2024

Your email address will not be published. Required fields are marked *