The Predator mobile spyware operation, which was brought to light in a report by Amnesty International last year, has recently made headlines again. This time, researchers from Recorded Future’s Insikt Group have uncovered that the operation has revamped its malware delivery network and expanded into new territories, specifically Botswana and the Philippines.
According to the researchers, Predator now operates in a total of 11 countries, with the latest additions being Botswana and the Philippines. The malware network infrastructure has been updated and is now tiered, including delivery servers, upstream servers, and static IP addresses in the countries suspected to be Predator customers. These countries include Angola, Armenia, Egypt, Indonesia, Kazakhstan, Mongolia, Oman, Saudi Arabia, and Trinidad and Tobago.
Despite the expansion and updates to its infrastructure, Predator’s tactics and procedures during its delivery process have remained consistent over time. This consistency suggests that the operation has been successful in its endeavors. The Insikt team noted in their findings that Predator is considered one of the premier providers of mercenary spyware, alongside NSO Group’s Pegasus.
The use of spyware for surveillance and intelligence gathering purposes is a concerning issue, as it raises questions about privacy and security. By targeting mobile devices, Predator has the ability to access a wealth of sensitive information, potentially compromising the privacy and security of individuals in the countries where it operates.
As the Predator operation continues to evolve and expand its reach, it underscores the need for increased vigilance and security measures to protect against such malicious activities. Organizations and individuals should remain diligent in their cybersecurity practices to mitigate the risks posed by sophisticated spyware operations like Predator.
In light of these developments, it is crucial for authorities and cybersecurity experts to collaborate and take proactive measures to combat the spread of such spyware operations. By staying informed and alert to the latest threats, we can work towards safeguarding our digital privacy and security in an increasingly connected world.