this post was submitted on 21 Dec 2023
34 points (97.2% liked)

Technology

59135 readers
2825 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

Summary:

A new analysis of Predator spyware reveals that its persistence between reboots is an "add-on feature" offered based on licensing options. Predator is a product of the Intellexa Alliance, which was added to the U.S. Entity List in July 2023 for "trafficking in cyber exploits." It can target both Android and iOS, and is sold on a licensing model that runs into millions of dollars. Spyware like Predator often relies on zero-day exploit chains, which can be rendered ineffective as Apple and Google plug security gaps. Intellexa offloads the work of setting up the attack infrastructure to the customers themselves, and uses a delivery method known as Cost Insurance and Freight (CIF) to claim they have no visibility of where the systems are deployed. Predator's operations are connected to the license, which is by default restricted to a single phone country code prefix, but this can be loosened for an additional fee. Cisco Talos says that public disclosure of technical analyses of mobile spyware and tangible samples is needed to enable greater analyses, drive detection efforts, and impose development costs on vendors.

Original analysis: https://blog.talosintelligence.com/intellexa-and-cytrox-intel-agency-grade-spyware/#

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here