The recent research conducted by Citizen Lab, a cybersecurity firm, has brought to light the threat posed by Android malware called “Predator” and “Alien.” Predator, distributed by an Israeli company, was found to spy on journalists, politicians, and even executives of companies like Meta.
How to avoid Android malware, Predator?
Predator and Alien are malicious software targeting Android devices. Alien serves as a downloader for the Predator malware and was initially detected by Google in 2022. Alien facilitates the spying activities of Predator by bypassing the SELinux security policy, which manages user permissions on Android.
One distinguishing feature of Predator is its ability to bypass SELinux restrictions on Android. Alien removes these restrictions, allowing Predator to conduct surveillance on the device.
Alien specifically targets Samsung, Huawei, Oppo, and Xiaomi devices, and it can scrutinize data from email, messaging, social media, and browser applications. It can also extract the victim’s contact list, track their call history, and even list private files such as audio, images, and videos in media folders.
Despite the analysis conducted by Citizen Lab, there are still undetected aspects of Predator. Initial estimates suggest that one module within the malware performs geolocation tracking and captures images using the device’s camera.
Many of people have witnessed in the past how surveillance tools like Pegasus. The new Predator malware for Android continues to target similar individuals by following different steps.