The Predator Android spyware has more surveillance capabilities than previously suspected, according to analysis by Cisco Talos, with help from the Canadian non-profit Citizen Lab.
Predator and its loader Alien have been around since at least 2019, and are part of a larger suite developed by Cytrox, now called Intellexa. The software, designed to spy on and extract data from the devices it slips onto, is available for Google Android and Apple iOS.
In its deep dive published Thursday, which examines the Android version of the code, Talos suggests Alien is more than just a loader for Predator, and that the two work together to enable all kinds of espionage and intelligence-gathering activities on compromised devices.
“When used together, these components provide a variety of information stealing, surveillance and remote-access capabilities,” the researchers said.
These include recording audio from phone calls and VoIP apps; stealing data from Signal, WhatsApp and Telegram; and even hiding applications or preventing them from running after the device boots.
However, Talos admits it does not have access to all components of the spyware, so without a complete analysis of the code, “this list of capabilities should not be considered exhaustive,” they added. Even so, Talos is of the view that the surveillance capabilities include location tracking, camera access, and making it appear as if the phone is powered off – which makes it easier to spy on a victim without their knowledge.
Like the Pegasus snoopware, which needs zero user interaction to infect victims' devices, Predator and Alien are written to exploit zero-days and other vulnerabilities to infect and take control of Android phones.
First, Alien is injected into the Android Zygote process, from which apps are forked and launched. Once running inside that special system process, it downloads the latest version of Predator along with the app's communication and synchronization components. Alien may also create a memory space allocated for stolen audio and data, as well as an SELinux context to help it bypass Android security features and avoid detection.
“Alien is not just a loader but also an executor – its multiple threads will keep reading commands coming from Predator and executing them, providing the spyware with the means to bypass some of the Android framework security features,” Talos said.
Predator, on the other hand, is an ELF file that uses Python modules and native code to carry out its spying activities. These include arbitrary code execution, audio recording (from the microphone, the earpiece, and VoIP-based calls), creating user-level certificates, and hiding apps or preventing them from running when the device restarts.
Working with the Alien loader, the spyware also identifies the device manufacturer. If the device was made by Samsung, Huawei, Oppo or Xiaomi, the implant will recursively enumerate content from several directories, including those of messaging, contacts, media, email, social media and browser apps, before exfiltrating the victim's data. See the Talos report for the full technical details. ®