Predator Spyware Uses Ad-Based Zero-Click Infection
📢 Researchers report that the Predator spyware operator Intellexa developed a zero-click delivery mechanism called Aladdin that can infect targets simply by serving a weaponized advertisement. The technique abuses commercial mobile advertising systems and Demand Side Platforms to force malicious ads to specific IPs and devices, with viewing alone triggering redirections to exploit servers. First deployed in 2024 and routed through shell companies across multiple countries, the campaign is corroborated by leaked Intellexa documents and technical analysis from Amnesty, Google, and Recorded Future. Analysts recommend blocking ads, hiding public IPs, and using platform protections, though leaked materials suggest operators can obtain subscriber IP/location data from local mobile operators.
