Chrysaor: Android spyware designed to hack smartphone cameras discovered

It’s believed to be linked to Pegasus, a notorious program found to be targeting iPhones last year

Aatif Sulleyman
Tuesday 04 April 2017 09:39 EDT
Unusually, it appears that Chrysaor was never designed to attack as many people as possible (Justin Sullivan/Getty Images)


An extremely sophisticated Android app designed to spy on users has been discovered by security researchers.

Called Chrysaor, it’s capable of spying on users through their smartphone camera and microphone, as well as accessing messages, emails, contact details and browser history.

In Greek mythology, Chrysaor was the brother of Pegasus, the winged horse. The spyware was thus named because it’s believed to be linked to Pegasus, spyware that was found to be targeting handsets running iOS last year.

That discovery prompted Apple to build and release an important security update for the iPhone.

Google and Lookout announced the Chrysaor find this week, and the companies suspect it was created by Israeli firm NSO Group Technologies, the same group behind Pegasus.

Unusually, it appears that Chrysaor was never designed to attack as many people as possible. It was never available to download from Google Play, and has been discovered on fewer than three dozen devices.

“A few [potentially harmful application] authors spend substantial effort, time, and money to create and install their harmful app on one or a very small number of devices,” said Google in a blog post. “This is known as a targeted attack.”

NSO Group Technologies targeted a human rights activist based in the Middle East with Pegasus, and it’s possible that the group was trying something similar with Chrysaor.

“To install Chrysaor, we believe an attacker coaxed specifically targeted individuals to download the malicious software onto their device,” said Google.

“Once Chrysaor is installed, a remote operator is able to surveil the victim's activities on the device and within the vicinity, leveraging microphone, camera, data collection, and logging and tracking application activities on communication apps such as phone and SMS.”

Google says the likelihood of most users being affected by Chrysaor is small, but recommends users protect themselves by:

  • Installing apps only from reputable sources
  • Enabling a secure lock screen
  • Keeping devices up-to-date with the latest security patches
  • Enabling Verify Apps (Settings > Google > Security > Verify Apps)
  • Getting familiar with Android Device Manager, as “you are far more likely to lose your device than install a PHA”
