Israel-basedNSO Groups Pegasus spywarecomes first to mind when you think about notorious ways to snoop on peoples phones.

But theres a new player in town: Cytrox.

What is Cytrox?

Pegasus isn’t all you have to worry about: Meet Cytrox’s spyware, Predator

Its description onCrunchbasesays it provides governments with an operational cyber solution quite vague.

It’s free, every week, in your inbox.

The company is reportedly a part of Intexella an alliance that wants to compete with the NSO Group.

Article image

The firms founder, Tal Dillian, has been involved witha number of operations that provide surveillance software.

Cytrox offers its own Pegasus rival called Predator (whos making thatAlien v Predatorposter?)

that spies on the victims phone.

Cytrox is a North Macedonia based security company

What did Citizen Lab find out about the Predator spyware?

Notably, the spyware works on both Android and iOS.

But the targets were hacked by a bug present in iOS 14.6 in June.

An image accompanying a Cytrox Predator link sent to Nour purports to be a link to the legitimate website of the Al Masry Al Youm newspaper. The actual link goes to a fake lookalike domain, almasryelyuom[.]com.

Weve asked Apple if the vulnerability has been fixed, and well update the story if we hear back.

The actual link goes to a fake lookalike domain, almasryelyuom[.]com.

Citizen Labs investigation points towards additional domains observed in the Predator spyware attack.

you might find the full list of associated domains used for phishing or comprise attacks inthis GitHub file.

In the Android payload, researchers found several references to audio recording components that can log your conversations.

you might read more about Citizen Labs investigationhere.

What is Meta doing?

Meta released a new report on hack-for-hire operations.

The company said it has kicked out 300 accounts related to Cytrox from Facebook and Instagram.

you could read Metas full reporthere.

It also publisheda GitHub libraryof indicators that could help researchers in finding Predator spyware on phones.

After the report was published, Motherboard reporterLorenzo Franceschi-Bicchieraireached out to Cytroxs CEO and founder, Ivo Malinkovski.

Hours later, he removedall references to the companyfrom his profile except one seen in the picture below.

I reached out to Cytrox’s CEO and founder Ivo Malinkovski via LinkedIn.

Its not over yet.

That’s one heck of a mixed bag.

He likes to say “Bleh.

That’s one heck of a mixed bag.

He likes to say “Bleh.”

Also tagged with