As part of Google’s efforts to track the activity of commercial spyware vendors, the company’s Threat Analysis Group (TAG) released a report on spyware campaigns aimed at Android and iOS users on Thursday.
Google TAG researchers Benoit Sevens and Clement Lecigne go into detail about the use of enterprise-level spyware called “Hermit.” This sophisticated spyware tool allows attackers to steal data, personal messages and make phone calls. In their report, TAG researchers attributed Hermit to RCS Labs, a commercial spyware provider based in Italy.
The hermit poses many significant dangers. Due to its modularity, Hermit is quite adaptable, allowing the functions of spyware to change according to the will of its user. Once fully located on the target’s phone, attackers can collect sensitive information such as call logs, contacts, photos, exact location, and text messages.
The full Sevens and Lecigne report details how attackers can gain access to both Android and iOS devices using clever tricks and driving attacks. The potential targets of this scam will deactivate their data through their ISP before sending a malicious text link to get them to “fix” the problem. If that doesn’t work, targets will be tricked into downloading malicious apps disguised as messaging apps.
SEE ALSO: Spyware designed to track terrorists has also been used against journalists and activists
Just last week, cybersecurity firm Lookout announced the use of Hermit by agents working in the governments of Kazakhstan, Syria and Italy. Google has already identified victims in those countries, saying “TAG is actively tracking more than 30 providers with varying levels of complexity and public exposure, selling exploits or surveillance capabilities to government-backed participants.”
The Milan-based company says it has been providing law enforcement agencies around the world with cutting-edge technological solutions and technical support in the field of legal interception for more than twenty years. It is said that more than 10,000 captured targets are processed daily in Europe alone.
Asked for comment by The Hacker News, RCS Labs said its “core business is to design, manufacture and deploy software platforms designed for lawful interception, forensic intelligence and data analysis” and that it “helps law enforcement to prevent and investigate serious crimes such as terrorist acts, drug trafficking, organized crime, child abuse and corruption. “
However, the news of the use of spyware by government agents is alarming. This not only undermines confidence in internet safety, but also puts at risk the lives of anyone the government considers an enemy of the state, such as dissidents, human rights journalists and opposition politicians.
“Dealing with harmful practices in the commercial surveillance industry will require a robust, comprehensive approach that includes collaboration between threat intelligence teams, network advocates, academic researchers, governments and technology platforms,” the Google TAG researchers wrote. “We look forward to continuing our work in this space and improving the safety and security of our users around the world.”
Add Comment