Authors of Potentially Harmful Applications (PHAs) usually do their best to install their apps on as many devices as possible and, as you know, Google is constantly working against them. On that note, I must tell you about Chrysaor, a newly discovered family of spyware that was used in a targeted attack on a small number of Android handsets, so it is worth knowing what it is and how to protect your Android device.
This malware is assumed to be a product of NSO Group. If you remember, this is the company that developed the Pegasus malware for iOS and is known to sell cyber-espionage tools to nation states. Google named the malware Chrysaor (the brother of Pegasus) and, believe it or not, it is even more powerful than its brother.
To be more precise, the capabilities of Chrysaor depend on pre-existing root access or on successfully rooting the phone on its own, but some limited functionality remains even if rooting fails. These capabilities include gaining root on some devices older than Android 4.3, removing itself on command, audio surveillance, keylogging, taking screenshots, and leaking the databases of some of the communication apps that we all use: WhatsApp, Skype, Facebook, Twitter, Gmail, Calendar and much more.
I don’t want to scare you, but I imagine you can see how serious things are. This is why, as even Google says, it is better to protect yourself and the handset that you love:
Protect your Android Device from Chrysaor Malware:
- Chrysaor was never available in Google Play and had an incredibly low volume of installs outside of Google Play, therefore you should only install apps from reliable sources, such as the Google Play Store;
- Do not hesitate to secure your lock screen with a hard-to-guess PIN, just to make sure that things could never go wrong;
- Don’t skip the latest Android updates or postpone them as they might be the ones saving your handset from such dangers;
- Use Verify Apps to check if any of your apps are infected with malware;
- Locate your device: Practice finding your device with Android Device Manager because you are far more likely to lose your device than install a PHA.
Google shared that variants of the malware were seen on fewer than 3 dozen devices, none of them in the US or the EU, and it is only up to us to keep that number small.