Photo: AP
Israeli-made spyware
Photo: AP

Google discovers 'Israeli' spy app designed to hack smartphones

Google discovers what they consider to be the most dangerous android malware yet, used to track information of calls, messages and internet history as well as spy on people through their smartphones' camera and microphone; an Israeli company is suspected of creating it.

Security researchers at Google and Lookout have discovered an extremely sophisticated Android app capable of spying on users by hacking their smartphones' camera and microphone, as well as track calls, messages, internet history and more.



Called Chrysaor, the spyware seems to be linked to Pegasus, a notorious program that was found to be targeting iPhone users in 2016 and is suspected of having been created by Israeli firm NSO Group Technologies.


Photo: AP
Photo: AP


Google and Lookout announced the discovery of the spyware last week. The app, which was not available for download from Google Play, has already been detected on 36 devices, most of which were owned by people living in Israel.


Other countries to have found infected devices are Georgia, Mexico, Turkey, Kenya and others.


NSO Group Technologies has previously been accused of developing Smartphone hacking software and selling them to spy agencies across the globe, as they allegedly did with Pegasus.


“To install Chrysaor, we believe an attacker coaxed specifically targeted individuals to download the malicious software onto their device,” said Google.


“Once Chrysaor is installed, a remote operator is able to surveil the victim’s activities on the device and within the vicinity, leveraging microphone, camera, data collection, and logging and tracking application activities on communication apps such as phone and SMS.”


One of Pegasus' targets (Photo: AP)
One of Pegasus' targets (Photo: AP)


Chrysaor also had a self-destruct feature, helping NSO Group's malware avoid detection. "If it feels like it's going to be found, it removes itself," said Lookout mobile security researcher Michael Flossman. "That's why it took so long to find these samples."


Lookout and Google said that though the samples date from 2014, there was evidence the spyware was working on some victim Android phones when discovered in the last few months.


The likelihood of being affected by such spyware may be small, however Google recommends users take precautionary measures such as installing apps only from reputable sources and keeping devices up-to-date with the latest security patches to protect themselves.


All known targets of Chrysaor have been alerted.


(Translated & edited by Lior Mor)


פרסום ראשון: 04.07.17, 21:59
 new comment
This will delete your current comment