Google uncovers ‘Israeli’ spy app made to track & hack smartphones


Google discovers what it fears to be the most dangerous android spyware to date, suspected of being created by an Israeli company, that can copy internal memory, messages, call logs, internet history as well as spy on people by remotely activating the smartphones’ camera and microphone.

By Sagi Cohen


Security researchers at Google and Lookout have discovered an extremely sophisticated Android app capable of spying on users by hacking their smartphones’ camera and microphone, as well as track calls, messages, internet history and more.

Called Chrysaor, the spyware seems to be linked to Pegasus, a notorious program that was found to be targeting iPhone users in 2016 and is suspected of having been created by Israeli firm NSO Group Technologies.

IDF’s new secured, ‘untrackable smartphone’ for it’s soldiers – Photo: IDF Spokesperson’s Unit

Google and Lookout announced the discovery of the spyware last week. The app, which was not available for download from Google Play, has already been detected on 36 devices, most of which were owned by people living in Israel.Other countries to have found infected devices are Georgia, Mexico, Turkey, Kenya and others.

NSO Group Technologies has previously been accused of developing Smartphone hacking software and selling them to spy agencies across the globe, as they allegedly did with Pegasus.

“To install Chrysaor, we believe an attacker coaxed specifically targeted individuals to download the malicious software onto their device,” said Google.

“Once Chrysaor is installed, a remote operator is able to surveil the victim’s activities on the device and within the vicinity, leveraging microphone, camera, data collection, and logging and tracking application activities on communication apps such as phone and SMS.”

Chrysaor also had a self-destruct feature, helping NSO Group’s malware avoid detection. “If it feels like it’s going to be found, it removes itself,” said Lookout mobile security researcher Michael Flossman. “That’s why it took so long to find these samples.”Lookout and Google said that though the samples date from 2014, there was evidence the spyware was working on some victim Android phones when discovered in the last few months.

The likelihood of being affected by such spyware may be small, however Google recommends users take precautionary measures such as installing apps only from reputable sources and keeping devices up-to-date with the latest security patches to protect themselves.

All known targets of Chrysaor have been alerted.


(Translated & edited by Lior Mor)


View original Ynet publication at:,7340,L-4946606,00.html