The Android Predator spyware has more surveillance capabilities than previously suspected, according to analysis by Cisco Talos, with an assist from non-profit Citizen Lab in Canada.
Predator and its loader Alien have been around since at least 2019, and are part of a larger suite developed by Cytrox, now called Intellexa. The software, which is designed to spy on and extract data from the devices it's slipped into, is available for Google Android and Apple iOS.
In its deep dive published on Thursday, which examines the Android version of the code, Talos suggests Alien is more than just a loader for a Predator, and that the two work in combination to enable all kinds of espionage and intelligence-gathering activities on compromised devices.
"When used together, these components provide a variety of information stealing, surveillance and remote-access capabilities," the researchers said.
This includes recording audio from phone calls and VoIP apps; stealing data from Signal, WhatsApp and Telegram; and even hiding applications or preventing them from running after a device reboots.