Skip to main content

Surveillance Spyware Originally Found On iOS Now Targeting Android

By April 20, 2017March 1st, 2023Cybersecurity

In 2016, security firms Lookout and Citizen Lab identified a dangerous new type of malware, dubbed Pegasus, that surfaced in the iOS ecosystem. The software was developed and sold by the NSO Group, a licensed cyber-arms dealer operating out of Israel. Highly advanced, it was primarily sold to governments, including a number of oppressive regimes, which used the software to track down dissidents in those countries.

The software was incredibly capable and extremely effective, allowing the hackers controlling it to gain almost total control over a victim’s phone. Using it, they could, among other things:

• Collect SMS settings and messages
• Monitor call logs, calendars and browser histories
• Comb through emails
• Monitor messages from most popular messaging apps like Facebook, Twitter, Viber, Skype, and WhatsApp
• Coopt the phone’s alarm system to schedule various malicious activities
• Activate both the front and rear cameras remotely to spy on the phone’s owner
• Take screen shots
• Answer the phone and listen in on conversations
• Log all keystrokes
• Auto-delete itself if discovered, or at the command of the hackers

The two security firms knew from the start, based on sales literature from the NSO Group, that an Android version also existed. But to date, they had been unable to find evidence of it in the wild. That changed recently, with the discovery of Chrysaor. Chrysaor is the Android variant of Pegasus that is even more advanced and full-featured.

A joint effort by Lookout and Google tracked the software to some two dozen phones in Georgia, the Ukraine and Turkey, and Google was able to remotely disable the software, but it is unknown how many more infected users might be out there. Chrysaor is extremely adept at hiding itself and virtually impossible to track down.

For now, the software seems to be employed primarily by governments. It has never been found in the hands of independent hacking groups, which means you’re almost certain never to run across it. If that changes, however, it would represent a grave, large-scale threat to global digital security.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.