tldr - powered by Generative AI

The main theme of the text is the exploitation of vulnerabilities in web content and surveillance tools to target individuals and inject spyware into their devices.
  • A set of three vulnerabilities was exploited to bypass certificate validation, elevate privileges, and achieve remote code execution on targeted devices.
  • The Predator spyware, similar to NSO Group's Pegasus, enables surveillance and data harvesting from compromised devices.
  • The exploit chain involved a network injection attack using Sandvine's PacketLogic middlebox to redirect the victim to a malicious website.
  • The exploit took advantage of the target's visits to HTTP sites, which were intercepted and redirected to an Intellexa site, leading to the installation of the Predator spyware.
  • SMS messages disguised as security alerts were used to trick the target into clicking on malicious links.
  • The telecom ecosystem has blind spots that can be exploited to intercept network traffic and inject malware.
  • Users at risk of spyware threats are advised to keep their devices updated and enable Lockdown Mode on Apple devices.
Tags: exploit chain, vulnerabilities, spyware, surveillance tools, network injection attack
