Predator has been found to illegally spy on journalists and politicians the world over since December 2021.1 But the threat the app poses may not have died down despite its exposure.
WhoisXML API threat researcher Dancho Danchev recently investigated the campaign using 21 related email addresses and found:
- More than 300 Predator command-and-control (C&C) domains registered across at least 12 countries
- Four IP address resolutions of the C&C domains geographically spread across three countries
- Seven additional domains that shared the C&C domains’ IP hosts
- Four possibly connected web properties—one IP address and three domains—were tagged “malicious” by various malware engines
Download a sample of the threat research materials now or contact us to access the complete set of research materials.
—
- [1] https://techcrunch.com/2021/12/16/cytrox-predator-phone-hacking-meta/