Citizen Lab discovered the Predator when an exiled Egyptian politician named Ayman Nour became suspicious because of the hot weather on his phone. Researchers found Nours phone was infected with Pegasus and was able to identify other spyware, which researchers believe was Predator. They also connected Predator and Cytrox in Macedonia. Researchers also found that Predator is calling a news show host, who asked to not be named, while answering the phone. Both phones were iPhones running iOS 14.6 the latest version at the time of the hacks which suggests that Predator exploited a never-before-seen vulnerability in the iPhones software to infect the phones. Techcrunch interviewed Apple about the vulnerability, but a company spokesperson declined to say whether Apple had repaired it. Citizen Lab noted that it shared data from its Predator investigation with Apple and the iPhone-maker confirmed that it is investigating.

Predator can survive a reboot, making him more persistent than Pegasus.

Predator and Pegasus have similar feature sets and, according to Citizen Lab, Predator was delivered to Nours iPhone via a malicious message sent over WhatsApp. When Nour opened the link, Predator could gain access to the phones cameras and the microphone, and pull the data from the phone. Pegasus, predator doesn’t permit silently infecting a telephone without interaction of the user. In other words, the spyware uses user input to activate the virus, like the actions of a malicious button. Researchers said Predator explains why, due to persistence, the spyware can survive a reboot of an iPhone, which will normally clear up any hidden spyware lurking in the phone’s memory. It does that by making an automated process using the shortcut-like feature on iOS.

Meta banned Cytrox and other groups from its platforms.

Techcrunch also said the mother company that was Facebook’s last effort to ban surveillance-for-hire groups. The group said it removed over 1 500 Facebook and Instagram accounts associated with the groups. Meta said the accounts were used to send malicious links to more than 100 countries. The company alerted a certain number of 50,000 people they believed they were targeted by the group. Citizen lab said that Predator was likely used by governments in Armenia, Greece, Serbia, Indonesia, Madagascar, Oman, Egypt and Saudi Arabia. Metas probe also found prescription customers in Vietnam, Philippines, Germany and the Philippines. While certainly worth it, be careful not to underestimate that these tools aren’t necessarily necessary problems for the average person. Pegasus and Predator has now been used to attack journalists, politicians, human rights advocates and political figures. This spyware tool can also be used for the purpose of preventing the movement of viruses. It’s a good idea to avoid clicking any link that you received, particularly if it originated from unknown sources. Get a full report here from Citizen Labs. Source: Citizen Lab, Meta Via: Techcrunch.