Predator spyware uses in Chrome, Android zero-day exploits

Spyware vendor Cytrox sold zero-day exploits to government-backed snoops who used them to deploy the firm's Predator spyware in at least three campaigns in 2021, according to Google's Threat Analysis Group (TAG). The Predator campaigns relied on four vulnerabilities in Chrome (CVE2021-37973, CVE-2021-37976, CVE-2021-38000 and CVE-2021-38003) and one in Android (CVE-2021- 1048) to infect devices with the surveillance-ware. The Predator campaigns were highly targeted to just tens of users hit, according to the Googlers. Similarly, CitizenLab's analysis details Predator spyware being used against an exiled Egyptian politician and an Egyptian journalist. Once clicked, these URLs directed the victims to an attacker-owned domain that delivered Alien, Android malware that loadsthe Predator spyware and performs operations for it.

Read more about it: here