"The Predator spyware from surveillance company Intellexa has been using a zero-click infection mechanism dubbed "Aladdin," which compromised specific targets by simply viewing a malicious advertisement. This powerful and previously unknown infection vector is meticulously hidden behind shell companies spread across multiple countries, now uncovered in a new joint investigation by Inside Story, Haaretz, and WAV Research Collective. Leaked Intellexa marketing materialSource: Amnesty International"
""This malicious ad could be served on any website that displays ads, such as a trusted news website or mobile app, and would appear like any other ad that the target is likely to see," explains Amnesty International's Security Lab. "Internal company materials explain that simply viewing the advertisement is enough to trigger the infection on the target's device, without any need to click on the advertisement itself.""
Predator spyware uses a zero-click infection vector named Aladdin that compromises targets by displaying a malicious ad. Aladdin leverages commercial mobile advertising systems and demand-side platforms to force weaponized ads onto specific targets identified via public IPs and other identifiers. Viewing the ads triggers infection without any need to click. Ads redirect to Intellexa exploit delivery servers. The delivery chain routes ads through multiple advertising firms and shell companies across several countries. Leaked Intellexa marketing materials and corroborating technical research from forensic and security experts indicate active development and deployment since 2024.
Read at BleepingComputer
Unable to calculate read time
Collection
[
|
...
]