"European Lawmaker Targeted With Cytrox Predator Surveillance Spyware"

A security audit by the European Parliament has unearthed attempts to plant high-end surveillance software on the phone of a Greek lawmaker, and new reports are linking the hack attempt to a known North Macedonia spyware vendor.  The company, called Cytrox, was previously exposed as the makers of Predator, a tool capable of launching sophisticated exploits on Apple’s iOS-powered devices.  According to published reports out of Greece, the surveillance tool has been linked to an attempted hack of a phone belonging to Nikos Androulakis, a member of the European Parliament.  The University of Toronto’s Citizen Lab recently teamed up with the threat-intel team at Facebook parent company Meta to expose Cytrox alongside a handful of PSOAs (private sector offensive actors) in the murky surveillance-for-hire industry.  In a detailed technical report, Citizen Lab said Cytrox is responsible for a piece of iPhone eavesdropping malware that was planted on phones belonging to two notable Egyptians.  The malware, called Predator, was able to infect the then-latest iOS version (14.6) using single-click links sent via WhatsApp.  Meta’s security team recently issued an advisory listing Cytrox alongside Cobwebs Technologies, Cognate, Black Cupe, Bluehawk CI, BellTroX, and two unknown Chinese entities among a growing roster of private companies in the surveillance-for-hire business.  Meta noted that these companies manage the reconnaissance, engagement, and exploitation phases of advanced malware campaigns for governments and law enforcement agencies worldwide, including some governments that aim these exploits at journalists, politicians, and members of civil society.

SecurityWeek reports: "European Lawmaker Targeted With Cytrox Predator Surveillance Spyware"