As part of Google’s efforts to track the activities of commercial spyware vendors, the company’s Threat Analysis Group (TAG) on Thursday released a report on spyware campaigns aimed at users of Android and iOS.
Google TAG researchers Benoit Sevens and Clement Lecigne go into detail about the use of enterprise-grade spyware called “Hermit.” This sophisticated spyware tool allows attackers to steal data and private messages and to make phone calls. In their report, TAG researchers attributed Hermit to RCS Labs, a commercial spyware vendor based in Italy.
Hermit poses many serious dangers. Because it is modular, Hermit is highly customizable, allowing the functions of the spyware to be modified to suit its user. Once it is fully in place on a target’s phone, attackers can collect sensitive information such as call logs, contacts, photos, precise location, and SMS messages.
The full Sevens and Lecigne report details the ways in which attackers can access both Android and iOS devices through the use of clever tricks and direct attacks. Potential targets of this scam will have their data turned off through their ISP before being sent a malicious link via text to get them to “fix” the problem. If that doesn’t work, targets will be tricked into downloading malicious apps disguised as messaging apps.
Last week, cybersecurity company Lookout reported the use of Hermit by agents working in the governments of Kazakhstan, Syria and Italy. Google has already identified victims in these countries, stating that “TAG is actively tracking more than 30 vendors with different levels of sophistication and public exposure who sell exploits or surveillance capabilities to government-backed actors.”
The Milan-based company claims to offer “cutting-edge technological solutions and technical support in the field of legal interception for more than twenty years” to law enforcement around the world. More than 10,000 intercepted targets are expected to be dealt with on a daily basis in Europe alone.
When The Hacker News asked for feedback, RCS Labs said that “its main business is the design, production and implementation of software platforms dedicated to legal interception, forensic intelligence and data analysis” and that it “helps law enforcement prevent and investigate serious crimes such as acts of terrorism, drug trafficking, organized crime, child abuse and corruption.”
Still, the news of spyware being used by state government agents is worrisome. Not only does it erode confidence in Internet security, but it also puts at risk the lives of anyone a government considers an enemy of the state, such as dissidents, journalists, human rights workers, and opposition political parties.
“Facing the harmful practices of the commercial surveillance industry will require a solid and comprehensive approach that includes cooperation between threat intelligence teams, network advocates, academic researchers, governments, and technology platforms,” the Google TAG researchers wrote. “We look forward to continuing to work in this space and advancing the safety of our users around the world.”