The Chrysaor Android spyware implements several features including:
The surveillance firm NSO Group Technologies produce the best surveillance technology to governments, law enforcement agencies worldwide, but privacy advocates and activists accuse the firm of selling its malware also to dictatorial regimes.
“Although the applications were never available in Google Play, we immediately identified the scope of the problem by using Verify Apps,” reads a blog post published by Google.
“We’ve contacted the potentially affected users, disabled the applications on affected devices, and implemented changes in Verify Apps to protect all users.”
“Pegasus for Android will remove itself from the phone if:
Chrysaor exploits a well-known Android-rooting exploit called Framaroot to root the device and gain full control over the mobile device.
The experts noticed that the Chrysaor spyware back to 2014, this means that it is possible that NSO group might have discovered zero-day vulnerabilities in Android OS and has implemented the exploit code in the latest version of Chrysaor spyware.
Lookout published a detailed analysis of the Chrysaor spyware titled “Pegasus for Android: Technical Analysis and Findings of Chrysaor.”
(Security Affairs – Chrysaor spyware , surveillance)