GOOGLE has sounded the alarm on a state-backed cyber attack that was facilitated by a private company.
The hack successfully infiltrated the phone of an exiled Egyptian politician and sought other select targets in Southern Europe.
2
2
Google’s Threat Analysis Group (TAG) found that government-backed hackers are using services from a commercial cyber-surveillance company to install malware on Android devices.
The hacks took advantage of five unnoticed vulnerabilities, called zero-day vulnerabilities.
Victims were emailed links to a false website that installed a spyware program called Predator, which can activate the microphone and engage in other acts of unwanted surveillance.
Cytrox, the company that enabled the hack, clashed with Facebook’s parent company Meta for their “cyber mercenary” practices.
“Tackling the harmful practices of the commercial surveillance industry will require a robust, comprehensive approach that includes cooperation among threat intelligence teams, network defenders, academic researchers and technology platforms,” Google TAG analysts wrote in a blog post detailing the hack.
In addition to listening in on conversations, Cytrox’s malware can also hijack call logs and texts, all while controlling notifications to mask itself from detection.
Wired reported on the tendency of less developed, less democratic nations to conscript third-party hackers to maintain a repressive status quo through surveillance.
“Absent international and domestic regulations and safeguards, journalists, human rights defenders, and opposition groups will continue to be hacked into the foreseeable future,” CitizenLab bleakly concluded.
Most read in Tech
Google TAG analysts determined the hack affected less than a hundred users.
The targeted victims speak volumes about who is launching the attack or who stands to benefit from stolen information.
Ayman Nour, the exiled Egyptian politician who was targeted, was imprisoned from 2005 to 2009 by the Egyptian government in an anti-democratic act of political punishment.
Since 2019 Nour has been operating outside of the country to try to oust Egypt’s authoritarian government.
The cyber-surveillance-for-hire industry claims to focus on targeting terrorists and other bad actors, but tech companies will dissuade from using these companies because their motives are impossible to truly determine.
“We look forward to continuing our work in this space and advancing the safety and security of our users around the world,” Google TAG analysts wrote.
How to stay safe from Android cyber attacks
The best thing you can do is update your Android software whenever a new edition is released.
Updates often contain security patches.
You can also download extra security software from the Google Play Store.
Avoid accidentally downloading malware onto your device by watching out for phishing emails.
The best thing you can do is never click a link or download an attachment from a suspicious email.
Read emails carefully and try and verify that they’re from the sender they’re claiming to be before taking any further action.
A lot of phishing emails include an attempt to make the victim panic.
Scammers use this technique to try and make you give away your details or click links quickly before you’ve had time to think.
If you receive a suspicious email at work you should notify your company.
We pay for your stories!
Do you have a story for The US Sun team?
