October 27, 2022 margarita

Predator Spyware | All you need to know

Antonis Psaras | Microbase Managing Director

In the last few days, the extensive use of Spyware such as Predator to intercept users' information and communications has come to public attention. The use of Spyware is nothing new. However, with the use of mobile devices, the issue has become huge, as such tools can now intercept important information, such as our written and spoken communications, our location, our files and photos, and potentially anything else that is on our mobile device.

How does Spyware work?

Spyware is nothing more than a piece of code which is installed on our device through our own "wrong" actions. The main hacking technique used to achieve this is Phishing: an email prompting us to visit a supposedly official site, an SMS, an attachment. Depending on how sophisticated the Spyware is, it may either require a second action on the part of the user to install, or a visit to a hacked site may be enough to install it automatically. Predator, for example, by exploiting Chrome and Android vulnerabilities, was able to install itself, gain the necessary access and hide itself so that it could not be detected.

Once Spyware is installed and has all the necessary access, it can change certificates, record the screen and the camera, open the microphone and record ambient sounds, record the keys we press on our device, get our geographic location and more.

Because it receives information at the source (keys, screen, microphone, camera, etc.), it bypasses any security the applications have. If, for example, we use Viber, WhatsApp or Signal, we will continue to see that our communication is encrypted, but this encryption concerns the transmission of the data and obviously not the source. In short, no matter which application we use and no matter how high its security, it cannot protect us.


Can we tell that we have Spyware on our device?

Unfortunately, the only way to notice the existence of an unknown Spyware is from its symptoms, which, depending on how intelligent the Spyware is, may not be so easily recognizable. A sudden delay in device response, fast battery consumption and an increase in data usage (mobile or WiFi) are some of them.

Can an Antivirus/Antimalware protect me?

Unfortunately, no. Spyware is an ever-evolving class of hacking tools that bring significant profits to those who develop them, so its developers can afford to invest in making their code more effective and harder to detect. An Antivirus/Antimalware is designed primarily to detect known threats. Spyware primarily belongs to the Zero-Day Threats, exploiting Zero-Day vulnerabilities.

How can I protect myself?

The beginning of everything is education. There is a lot of material on the internet that one can learn from. A basic principle is, before opening an email or a link, to think whether what we see and read can be real. If we are not sure, we contact the sender for confirmation.

At the level of technical measures, the only way is prevention, by using applications that cover Zero-Day Threats, such as End Point Security mobile applications. A tactic followed by End Point Security applications is to open the relevant link in a protected environment in the Cloud, check the files and scripts it downloads, and then allow or deny access for the user.

Microbase, a certified partner of Check Point and Fortinet in Greece, has the necessary know-how and tools to protect against malicious software, both at the level of mobile devices and at the level of computers, servers and cloud infrastructures. Addressing the entire range of corporate customers, we recommend the best solution to meet your needs and ensure the privacy of your communications and data.