Chrysaor: Android spyware designed to hack smartphone cameras discovered
It’s believed to be linked to Pegasus, a notorious program found to be targeting iPhones last year
An extremely sophisticated Android app designed to spy on users has been discovered by security researchers.
Called Chrysaor, it’s capable of spying on users through their smartphone camera and microphone, as well as accessing messages, emails, contact details and browser history.
In Greek mythology, Chrysaor was the brother of Pegasus, the winged horse. The spyware was thus named because it’s believed to be linked to Pegasus, spyware that was found to be targeting handsets running iOS last year.
That discovery prompted Apple to build and release an important security update for the iPhone.
Google and Lookout announced the Chrysaor find this week, and the companies suspect it was created by Israeli firm NSO Group Technologies, the same group behind Pegasus.
Unusually, it appears that Chrysaor was never designed to attack as many people as possible. It was never available to download from Google Play, and has been discovered on fewer than three dozen devices.
“A few [potentially harmful application] authors spend substantial effort, time, and money to create and install their harmful app on one or a very small number of devices,” said Google in a blog post. “This is known as a targeted attack.”
NSO Group Technologies targeted a human rights activist based in the Middle East with Pegasus, and it’s possible that the group was trying something similar with Chrysaor.
“To install Chrysaor, we believe an attacker coaxed specifically targeted individuals to download the malicious software onto their device,” said Google.
“Once Chrysaor is installed, a remote operator is able to surveil the victim's activities on the device and within the vicinity, leveraging microphone, camera, data collection, and logging and tracking application activities on communication apps such as phone and SMS.”
Google says the likelihood of most users being affected by Chrysaor is small, but recommends users protect themselves by:
- Installing apps only from reputable sources
- Enabling a secure lock screen
- Keeping devices up-to-date with the latest security patches
- Enabling Verify Apps (Settings > Google > Security > Verify Apps)
- Getting familiar with Android Device Manager, as “you are far more likely to lose your device than install a PHA”