Pegasus Malware Reborn As Chrysaor, Doesn't Get Far

Malware is an ongoing problem with the rampant advance of technology, but the story of at least one Android malware ended quite peacefully, with Google nipping Chrysaor, a reborn Pegasus, before it even managed to pass three dozen active installations. The highly targeted malware never hit the Play Store, but chose its targets carefully, just as its iOS-bound predecessor did. Thus, while it did only manage to reach a small number of users, Google acted quickly and drastically to ensure the safety of the affected users' data and devices. Verify Apps was employed to check the scale of the attack, and to help prevent future instances.

The way that Chrysaor worked was quite brilliant, in the realm of malware. First, it embedded itself into a single app that a targeted user downloaded. There were no details on how the targeting happened; it may have been random, or through social engineering. In any case, the unsafe app would request seemingly innocuous permissions and use them to try to bring other apps with similar functionality on board. When the puzzle was completed, the user was left with a full-system vulnerability that could be utterly devastating. The most interesting part, however, was how well Chrysaor hid itself; if the malware was at any point compromised or had any part of itself thrust into the open where a user could inspect it, it would delete all traces of itself from the user's device.

Piecemeal malware is usually a sign of a very targeted attack, and a graph produced by Google shows that this new malware wasn't too far off from its predecessor, which was created to spy on a single individual in the United Arab Emirates through jailbreak privileges and small vulnerabilities. Chrysaor, for all intents and purposes, has been defeated at this point; Google has told the world about it, and all of the major malware protection suites likely either already protect against it or will soon. Still, threats of a similar manner can hide almost anywhere. Malware has made it into the Play Store before, but statistically, it's the safest place to get your apps.

You May Like These
More Like This:
About the Author
2018/10/Daniel-Fuller-2018.jpg

Daniel Fuller

Senior Staff Writer
Daniel has been writing for Android Headlines since 2015, and is one of the site's Senior Staff Writers. He's been living the Android life since 2010, and has been interested in technology of all sorts since childhood. His personal, educational and professional backgrounds in computer science, gaming, literature, and music leave him uniquely equipped to handle a wide range of news topics for the site. These include the likes of machine learning, voice assistants, AI technology development, and hot gaming news in the Android world. Contact him at [email protected]
Android Headlines We Are Hiring Apply Now