• Latest
  • All
  • How To
Android-Malware

Kenya, Nigeria and Tanzania Among Countries Affected by a Spyware on Android

April 6, 2017
Infinix Hot 60i Pre-order

Infinix Hot 60i Now Available for Pre-Order in Kenya

July 4, 2025
Windows

Microsoft’s Windows Usage Slumps as Macs, Linux, and Mobile Take Over

July 4, 2025
Microsoft

Microsoft Slashes 9,100 Jobs in Biggest Layoffs Since 2023

July 4, 2025
NASA

NASA Brings Space Missions to Netflix at No Extra Cost

July 3, 2025
DHgate Tablet Cases deals
ios 26-facetime

iOS 26 May Pause Video if You Start Undressing on FaceTime

July 3, 2025
apple iphone foldable

Apple Begins Testing Its First Foldable iPhone

July 3, 2025
Mobile Data

Kenya Draws More Tourists as Mobile Data Roaming Soars

July 3, 2025
Axian Telecom Considers Full Acquisition of Jumia

Axian Telecom Is Plotting a Full Buyout of Jumia

July 3, 2025
Cable TV

Kenya’s Cable TV Market Rebounds with 31.5% Growth

July 3, 2025
Premier League and Microsoft Announce Strategic AI Partnership for Enhanced Fan Engagement

Football Meets AI as Microsoft Joins Forces with the EPL

July 3, 2025
SMS

Kenyans Ditch SMS in Favor of WhatsApp and Chat Apps

July 1, 2025
DeepSeek_vs_ChatGPT

Hackers Build Malware That Tries to Reprogram AI Security Tools

July 1, 2025
Techweez | Tech News, Reviews, Deals, Tips and How To
  • News
  • Entertainment
  • Reviews
  • Features
  • Editorial
No Result
View All Result
Techweez | Tech News, Reviews, Deals, Tips and How To
  • News
  • Entertainment
  • Reviews
  • Features
  • Editorial
No Result
View All Result
Techweez | Tech News, Reviews, Deals, Tips and How To
No Result
View All Result

Kenya, Nigeria and Tanzania Among Countries Affected by a Spyware on Android

Saruni Maina by Saruni Maina
April 6, 2017
in News
Reading Time: 3 mins read
256
1
Android-Malware

Android-Malware-2Some time back, Pegasus made its way on iOS. Pegasus was a spyware that was discovered in iOS in August 2015. Just the other day, a Pegasus-like spyware dubbed “Chrysaor” was discovered deeply rooted within Android.

Chrysaor is a spyware that is believed to have been created by NSO Group Technologies, a company that specializes in the creation and sale of software and infrastructure for targeted attacks.

Google says that late last year, they discovered that “a few dozen Android devices” may have installed an application related to Pegasus. Google goes ahead to say that the application (Chrysaor) was never available in the Google Play Store.

Once Chrysaor was installed in one’s phone, the malware would surveil the victim’s activities on the device leveraging microphone, camera, data collection, and logging and tracking application activities on communication apps such as phone and SMS.

The app uses framaroot exploits, meaning that there is a high chance it only affected rooted devices. The app would attempt to use superuser binary to elevate its privileges. After elevating its privileges, the app would protect itself by:

  • Installing itself as a system app (thus becomes immune to factory resets).
  • Removing Samsung’s system update app and disabling auto updates (on Samsung devices).
  • Deleting WAP push messages and changing WAP message settings, possibly for anti-forensic purpose.
  • Starting content observers and the main task loop to receive remote commands and exfiltrate data.

According to Google, the app uses six techniques to collect user data:

  • Repeated commands – use alarms to periodically repeat actions on the device to expose data, including gathering location data.
  • Data collectors – dump all existing content on the device into a queue. Data collectors are used in conjunction with repeated commands to collect user data including, SMS settings, SMS messages, Call logs, Browser History, Calendar, Contacts, Emails, and messages from selected messaging apps, including WhatsApp, Twitter, Facebook, Kakoa, Viber, and Skype by making /data/data directories of the apps world readable.
  • Content observers – use Android’s ContentObserver framework to gather changes in SMS, Calendar, Contacts, Cell info, Email, WhatsApp, Facebook, Twitter, Kakao, Viber, and Skype.
  • Screenshots – captures an image of the current screen via the raw frame buffer.
  • Keylogging – record input events from the user.
  • RoomTap – silently answers a telephone call and stays connected in the background, allowing the caller to hear conversations within the range of the phone’s microphone. If the user unlocks their device, they will see a black screen while the app drops the call, resets call settings and prepares for the user to interact with the device normally.

Google also reveals that the app can uninstall itself, through command from the server, a self destruct feature if the app is not able to connect to the server in 60 days and via an antidote file.

Google said that they have contacted the potentially affected users, disabled the applications on affected devices, and implemented changes in Verify Apps to protect all Android users.

As scary as this is, the chances of having been affected by this malware are very low. Google also released a chart, showing the scope of affected devices per country:

chrysaor malware

Before you go running to the comments section to say how much Android sucks, note that the malware only affects devices running on Android 4.3 Jelly Bean and below, and as earlier mentioned, probably only on rooted users.

Thanks to stevewanaswa, one of our forum users, for the headsup on this. You can join the discussion on the same, here

Tags: AndroidMalware
SendShare147Tweet92
Saruni Maina

Saruni Maina

I Google Bing until it Yahoos! | Email: [email protected]

Related Posts

DeepSeek_vs_ChatGPT

Hackers Build Malware That Tries to Reprogram AI Security Tools

July 1, 2025
How to Install a VPN and the Best Options in Kenya

How to Install a VPN and the Best Options in Kenya

June 27, 2025
How to Secure Your Phone and Yourself During Protests

How to Secure Your Phone (and Yourself) During Protests

June 25, 2025
Android 16

Google Releases Android 16 Early with Powerful New Tools

June 11, 2025
google-ai-edge-gallery

New Google App Lets You Use AI Offline on Android

June 5, 2025
adobe-photoshop-iphone

Adobe Launches Photoshop Beta App for Android

June 5, 2025

Latest

Infinix Hot 60i Pre-order

Infinix Hot 60i Now Available for Pre-Order in Kenya

July 4, 2025
Windows

Microsoft’s Windows Usage Slumps as Macs, Linux, and Mobile Take Over

July 4, 2025
Microsoft

Microsoft Slashes 9,100 Jobs in Biggest Layoffs Since 2023

July 4, 2025
NASA

NASA Brings Space Missions to Netflix at No Extra Cost

July 3, 2025
ios 26-facetime

iOS 26 May Pause Video if You Start Undressing on FaceTime

July 3, 2025
apple iphone foldable

Apple Begins Testing Its First Foldable iPhone

July 3, 2025

Best devices

budget smartwatches 2025

Best Budget Smartwatches To Buy in Kenya 2025

February 13, 2025

Best Infinix Smartphones To Buy in Kenya 2024

February 13, 2025

Best Laptops for Battery Life in 2024

August 21, 2024

Best “Battery Warrior” Smartphones To Buy in 2024

August 22, 2024

Infinix Hot 60i Now Available for Pre-Order in Kenya

July 4, 2025

Microsoft’s Windows Usage Slumps as Macs, Linux, and Mobile Take Over

July 4, 2025

Techweez is a fast growing influential source of technology news, reviews and analysis by leading tech geeks in the industry.

Follow Us

Editorials

Abductions and Arrests! Kenyan Government’s Fear and Hate of X Users Makes No Sense

Actors and Film Crews Are Worried About Veo 3 Taking Their Jobs

Samsung QLED TVs Now Officially Certified for Real Quantum Dot Technology

Trump’s Tariffs Will Be the End of Affordable Tech

5 Ways to Prep Your Tech for Resale

The Weaponization of PDFs: How Cybercriminals Are Exploiting a Trusted Format

More News

Kenya Draws More Tourists as Mobile Data Roaming Soars

Axian Telecom Is Plotting a Full Buyout of Jumia

Kenya’s Cable TV Market Rebounds with 31.5% Growth

Football Meets AI as Microsoft Joins Forces with the EPL

Kenyans Ditch SMS in Favor of WhatsApp and Chat Apps

Hackers Build Malware That Tries to Reprogram AI Security Tools

  • Terms Of Use
  • Techweez Brand
  • Privacy & Policy
  • Contact Us

© 2024 Techweez - Palahala Media Group may earn a commission when you buy through links on our sites.
A Palahala Media Group Brand. All rights reserved.
.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

Techweez | Tech News, Reviews, Deals, Tips and How To
Crunchy Cookies 🍪 Ahead!

Hey there! Just a heads-up: we're big fans of cookies - both the digital and edible kind! 🍪 We use our cookies and some from third parties to ensure your browsing experience on our site is smooth sailing and secure.

 

But wait, there's more! We also use cookies to gather stats and insights on how you navigate our site. It's like getting a behind-the-scenes peek at your digital adventures!

 

Don't worry, you're in control. You can adjust your cookie settings anytime to suit your preferences. Feeling curious? Dive into our Privacy Policy for all the juicy details. Happy browsing! 🚀

Functional Always active
Listen, this legal stuff is about as exciting as watching paint dry. But it basically says we only use your stuff for what you asked us to do, and nobody else gets to peek!
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
It's those sneaky cookie crumbs websites leave behind to count visitors, like counting ants at a picnic! Totally harmless, just for fun facts. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
Hey there! Just letting you know we use some fancy gizmos to remember your preferences. This way, we can show you ads that are, well, not completely bananas.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
Make cookies
{title} {title} {title}
Techweez | Tech News, Reviews, Deals, Tips and How To
Crunchy Cookies 🍪 Ahead!
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
Listen, this legal stuff is about as exciting as watching paint dry. But it basically says we only use your stuff for what you asked us to do, and nobody else gets to peek!
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
It's those sneaky cookie crumbs websites leave behind to count visitors, like counting ants at a picnic! Totally harmless, just for fun facts. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
Hey there! Just letting you know we use some fancy gizmos to remember your preferences. This way, we can show you ads that are, well, not completely bananas.
Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
Make cookies
{title} {title} {title}
No Result
View All Result
  • News
  • Reviews
  • Features
  • Editorial
  • Automotive
  • Entertainment

© 2024 Techweez - Palahala Media Group may earn a commission when you buy through links on our sites.
A Palahala Media Group Brand. All rights reserved.
.