Predator Spyware Infrastructure Returns Following Exposure and Sanctions
Sept. 5, 2024, 4:47 p.m.
Tags
External References
Description
Predator spyware's infrastructure has resurfaced with modifications to evade detection and anonymize users, despite previous exposure and sanctions. The spyware continues to pose significant risks, especially to high-profile individuals in countries like the Democratic Republic of the Congo and Angola. New infrastructure changes make tracking users more challenging. Defensive measures include regular device updates, using lockdown mode, and deploying mobile device management systems. The spyware market is expected to grow, highlighting the need for ongoing global efforts to regulate and curb its use. The resurgence underscores the persistent threat of mercenary spyware and the importance of cybersecurity best practices.
Date
Published: Sept. 5, 2024, 4:38 p.m.
Created: Sept. 5, 2024, 4:38 p.m.
Modified: Sept. 5, 2024, 4:47 p.m.
Indicators
98.142.253.18
45.86.163.178
193.29.59.164
193.29.56.252
185.243.113.169
185.235.137.6
185.123.102.40
169.239.129.76
yokananu.net
toysfourtots.com
nyirangongovrai.com
noisyball.com
masoloyakati.com
lesautreseux.com
holidaypriceguide.com
happytotstoys.com
Attack Patterns
Predator
Intellexa alliance
T1583.001
T1583.004
T1583.003
T1566.002
Additional Informations
Government
Angola
Greece
Poland