An Android version of one of the most sophisticated mobile spyware has been discovered that remained undetected for at least three years due to its smart self-destruction capabilities.
Dubbed Chrysaor, the Android spyware has been used in targeted attacks against activists and journalists mostly in Israel, but also in Georgia, Turkey, Mexico, the UAE and other countries.
Chrysaor espionage malware, uncovered by researchers at Lookout and Google, is believed to be created by the same Israeli surveillance firm NSO Group Technologies, who was behind the Pegasus iOS spyware initially detected in targeted attacks against human rights activists in the United Arab Emirates last year.
The newly discovered Chrysaor spyware has been found installed on fewer than three-dozen Android devices, although researchers believe that there were more victims before its detection, who most likely have either formatted or upgraded their phones.
“Although the applications were never available in Google Play, we immediately identified the scope of the problem by using Verify Apps,” Google said in its own blog post published Monday.
“We’ve contacted the potentially affected users, disabled the applications on affected devices, and implemented changes in Verify Apps to protect all users.”