Madagascar Drops Predator Spyware on Citizens in Watering Hole Attack

  /     /     /  
Publicated : 23/11/2024   Category : security

Madagascar Drops Predator Spyware on Citizens in Watering Hole Attack


The Predator spyware was distributed by dropping malicious links inside typosquatted facsimiles of news websites.


Madagascars government services — such as police or domestic intelligence — have apparently purchased and leveraged Predator to conduct political
domestic surveillance
ahead of a presidential election in November.
According to
research
by Sekoia, the effort was a watering hole attack: Links to download the spyware were added to WordPress blogs containing genuine articles taken from the Madagascan newspaper Midi Madagasikara. Anyone looking for the legitimate story could have ended up on the malicious page and gone on to download the spyware, according to the firm. The malicious links were obscured with URL shorteners.
Other assessments by the company showed that nations across the Middle East, Africa, and beyond have been using the Predator spyware in efforts to monitor citizens. In particular, it determined that Angolas government services used Predator, while Kazakhstan intelligence services purchased and used the spyware too.
Sekoia said active checks of an infrastructure cluster related to the spyware found that in total, there were 121 active domain names including in
Angola
, Egypt and the Persian Gulf.
The
Predator spyware
was developed by European company Cytrox and is used to target both Android and Apple iOS operating systems. Recently, it was spotted being delivered in zero-click attacks against targets in Egypt. According to Citizen Lab, one of those targets was 
former Egyptian MP Ahmed Eltantawy
, who was targeted via network-based injection that redirected him to malicious Web pages when he visited non-HTTPS sites. There, a zero-day exploit was used to install Predator on his iPhone. 

Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security
▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security
▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
 		Exploits Vulnerability
 		Exploit Shellcodes

CVE List
 		Tools/Apps
 		News/Aarticles

Phishing Database
 		Deepfake Detection
 		Trends/Statistics & Live Infos



Tags:
Madagascar Drops Predator Spyware on Citizens in Watering Hole Attack