New Predator spyware infrastructure revealed activity in Mozambique for the first time

A naukri.com initiative

New

New Predat...

Securityaffairs

415

Image Credit: Securityaffairs

Insikt Group analyzed the new Predator spyware infrastructure and found it is gaining users despite U.S. sanctions.
Predator spyware has resurged after a decline and is being used in Mozambique.
Over half of Predator's identified clients are in Africa, with links to the Intellexa Consortium.
In March 2024, OFAC took actions against Intellexa Consortium members for their role in distributing Predator spyware.
The Intellexa Consortium markets offensive cyber companies providing surveillance tools.
Predator spyware enables compromising devices through zero-click attacks.
Insikt Group uncovered a new Predator spyware infrastructure, including updates and high-tier components.
The infrastructure showed renewed activity in various countries, including Mozambique.
Predator's domains now use deceptive tactics and target specific regions.
The spyware's infrastructure includes a five-tiered design to hide its origin and involves a Czech company.
Operators use fake websites and other tactics to deceive targets.
Insikt Group has monitored Predator spyware activity in over a dozen countries since March 2024.
Some regions stopped activity due to exposure, but Mozambique emerged as a new user.
Despite sanctions, Predator's continued use suggests the adoption of new evasion tactics.
Public exposure and sanctions have likely impacted Intellexa's operations.
Predator operators are using new tactics to avoid detection.

Read Full Article

25 Likes

For uninterrupted reading, download the app