Infection usually starts through malicious links and fake apps, but it is also taking place via “more subtle methods,” says Richard LaTulip, a field CISO at security company Recorded Future, which collaborated with Google’s threat intelligence team on the Predator spyware findings.
LaTulip cites the example of recent research on malicious browser extensions affecting millions of users that shows “how seemingly harmless tools can become surveillance devices.”
These techniques, often developed by nation-state adversaries linked to governments, indicate a trend toward “more covert, persistent, and device-level compromises,” he says.
A Bigger Problem
Over the past few years, spyware has become a growing issue. Governments and the companies that make the malware say the surveillance tools are used to target only criminals and terrorists, or for national security purposes.
“But the truth is that human rights activists, journalists, and many others across the world have been unlawfully targeted with spyware,” Rebecca White, Amnesty International’s researcher on targeted surveillance, tells WIRED. “In this way, spyware can be used as a tool of repression—to silence people speaking truth to power.”
Thai activist Niraphorn Onnkhaow is a prime example. Between 2020 and 2021, at the height of Thailand’s pro-democracy protests, Onnkhaow was targeted 14 times by Pegasus spyware. Soon afterward, she decided to end her role in the protest movement amid fears that her private data could be weaponized against her.
“Data can be weaponized and lead to more abuse, online and offline—especially for people who already face discrimination based on their identity; for example, on the basis of gender or race,” White says.
Beyond activists, mobile spyware appears to be targeting a wider subset of people, often within a business environment. The malware is hitting “a wide range of society,” from government officials to financial IT workers, says iVerify’s Cole. “Increasingly, it’s used beyond intelligence gathering, to steal credentials for enterprise access.”
Signs You’ve Been Hit
Spyware is difficult to detect—especially sophisticated strains such as Pegasus and Predator, which are typically only discovered via forensic analysis. But you might notice some subtle signs, such as your device overheating or slowing down, or your camera or mic activating when they’re not supposed to be in use.
While advanced spyware may leave little to no visible trace, sudden drops in performance or changes in connectivity can serve as early warning signs, says LaTulip.
{content}
Source: {feed_title}