A powerful new spyware, called Predator, is turning phones into surveillance tools and has allegedly been sold to governments worldwide. Most recently, the Greek wiretapping scandal has exposed the government for sending millions to Predator’s creators. So, what is Predator spyware, what does it do, and how do you protect yourself from it?
What is Predator spyware?
Predator spyware is a phone hacking software believed to be developed by Cytrox, based in Skopje, North Macedonia.
Predator shares similar features with Pegasus spyware. Once on your phone, Predator can access every message, call, photo, and password and has the ability to hide apps it doesn’t want you to find. Predator can add a certificate authority (CA) to your phone, tricking your device into trusting malicious apps and websites. It also can open the phone’s camera and microphone, turning it into a surveillance tool.
Sold as a commercial surveillance-for-hire tool, it is reported that governments worldwide are customers of Cytrox’s spyware. Predator is used to surveil political opponents and government critics.
By exploiting zero-day vulnerabilities, malicious actors could install Predator on their target’s phones. It’s executed by sending a link via email or text, directing the target to a domain that downloads malware before directing again to a legitimate page.
Why do cybercriminals leverage zero-day vulnerabilities?
A zero-day vulnerability is a software vulnerability that attackers discover before the software maker. These vulnerabilities are exploited before software developers are aware of them and before a patch is issued, increasing the likelihood of a successful cyberattack.
As patches for these vulnerabilities do not immediately exist, keeping your software up to date won’t protect you from a zero-day attack. That said, you should still keep your devices updated to be protected from known vulnerabilities.
Read more: Ultimate guide to mobile security for iPhone and Android devices
How to check if your device is infected with the Predator spyware
Spyware like Predator can make itself hard to find on your devices, but you can look for signs of a spyware infection. These include:
- Your device is experiencing a decrease in performance. Spyware can cause your device to slow down as it increases the consumption of your device’s resources.
- A barrage of pop-up windows. Spyware is often packaged with adware. Your device is likely infected if you receive a barrage of unexpected pop-up advertisements.
- New programs and features appear at random. You notice apps, browser toolbars, and search engines you don’t recognize.
- Difficulty accessing secure sites. If you get directed to a login page after your login attempt, it may mean your first attempt was on a spoofed site that communicates your password to a third party. Always check the browser link of the page you intend to visit is the correct one.
- Unexplained increase in data usage. If you’ve found that your data usage has increased sharply on your latest phone bill, chances are there’s a malicious code or program sending data from your phone to unknown servers.
- Your antivirus isn’t working properly. Spyware can search for cybersecurity tools like antivirus software and try to block them to evade detection and removal.
How to protect yourself from the Predator spyware
While Predator is predominantly used to track high-value targets, digital monitoring still matters if you’re a “nobody.” Besides, software like Predator can still violate your privacy, even if you have nothing to hide.
Read more: Why you should care about surveillance
To protect yourself from Predator spyware and other computer viruses, you should stay ahead of cybercriminals by keeping up with cybersecurity best practices.
- Use the full range of cybersecurity and network tools. Tools like an antivirus program, firewalls, ad blockers, anti-tracking browser extensions, and a VPN are your line of defense against cyberattacks, including spyware.
- Use genuine antivirus software. Antivirus from a trusted provider will alert you to threats, swiftly quarantine malware, and remove it from your computer.
- Never root or jailbreak your devices. Spyware usually requires a phone to be rooted or jailbroken for it to work. If your phone is rooted or jailbroken, undoing it could render spyware like Predator useless.
- Keep your devices up to date. Declining software updates increase the risks of zero-day exploits. Keeping your devices updated ensures that all known bugs are squashed and cannot be exploited.
- Don’t download files or open links from unknown sources. If you’re unsure of a link’s destination or the source of an email attachment, it’s best not to click on them.
- Use Safe Mode to remove spyware. On Android phones, Safe Mode is your best bet to remove spyware completely. Safe Mode prevents spyware from activating on boot and blocks it from networks it can use to reinstall itself.
FAQ: About Predator spyware
Who makes Predator spyware?
It is believed that the spyware maker Cytrox, based in Skopje, North Macedonia, is the creator of Predator spyware.
Can antivirus detect Predator spyware?
Advanced spyware like Predator and Pegasus are hard to detect and can easily evade antivirus software. Keeping to security best practices, including installing reputable antivirus software, can protect you from a spyware attack.

Protect your privacy with the best VPN
30-day money-back guarantee

Comments
Ok, maybe this is just an overview.
May I suggest you provide an overview of the average phone user and then a more in-depth analysis and links, for us that are more tech-savvy?
Ummm, how do we find this and remove it from the phone??????????
You dont we will just continue using our unlimited backdoor access to your service providers administrative privileges to make sure it stays where we need it. you cant hide from the government, but we can hide from you….
best comment ever hahahha