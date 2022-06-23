WORLD
4 MIN READ
Italian spyware targets Apple, Android phones — Google
Google's report said the RCS spyware it uncovered, and which was dubbed "Hermit", is the same one that Lookout reported on previously.
Italian spyware targets Apple, Android phones — Google
Google said it has warned Android users targeted by the spyware and ramped up software defences. Apple told AFP news agency it has taken steps to protect iPhone users. / Reuters Archive
June 23, 2022

An Italy-based firm's hacking tools have been used to spy on Apple and Android smartphones in Italy and Kazakhstan, Google said, casting a light on a "flourishing" spyware industry.

Google's threat analysis team said spyware made by RCS Lab targeted the phones using a combination of tactics including unusual "drive-by downloads" that happen without victims being aware.

Concerns over spyware were fueled by media outlets reporting last year that Israeli firm NSO's Pegasus tools were used by governments to surveil opponents, activists and journalists.

"They claim to only sell to customers with legitimate use for surveillanceware, such as intelligence and law enforcement agencies," mobile cybersecurity specialist Lookout said of companies like NSO and RCS.

"In reality, such tools have often been abused under the guise of national security to spy on business executives, human rights activists, journalists, academics and government officials," Lookout added.

Google's report said the RCS spyware it uncovered, and which was dubbed "Hermit", is the same one that Lookout reported on previously.

Lookout researchers said that in April they found Hermit being used by the government of Kazakhstan inside its borders to spy on smartphones, just months after anti-government protests in that country were suppressed.

"Like many spyware vendors, not much is known about RCS Lab and its clientele," Lookout said. "But based on the information we do have, it has a considerable international presence."

READ MORE:HRW investigator’s phones hacked with Israeli NSO software

Malicious tactics

Analysis of Hermit showed that it can be employed to gain control of smartphones, recording audio, redirecting calls, and collecting data such as contacts, messages, photos and location, Lookout researchers said.

Google and Lookout noted the spyware spreads by getting people to click on links in messages sent to targets.

"In some cases, we believe the actors worked with the target's ISP (internet service provider) to disable the target's mobile data connectivity," Google said.

"Once disabled, the attacker would send a malicious link via SMS asking the target to install an application to recover their data connectivity."

When not masquerading as a mobile internet service provider, the cyber spies would send links pretending to be from phone makers or messaging applications to trick people into clicking, researchers said.

"Hermit tricks users by serving up the legitimate webpages of the brands it impersonates as it kickstarts malicious activities in the background," Lookout researchers said.

Google said it has warned Android users targeted by the spyware and ramped up software defences. Apple told AFP news agency it has taken steps to protect iPhone users.

Google's threat team is tracking more than 30 companies that sell surveillance capabilities to governments, according to the Alphabet-owned tech titan.

"The commercial spyware industry is thriving and growing at a significant rate," Google said.

READ MORE: EU watchdog seeks a ban on NSO's surveillance tool Pegasus

SOURCE:AFP
Explore
Will Hezbollah fully disarm under US, Israeli pressure?
By Kazim Alam
Key moments to remember: July 15 coup attempt
Ukraine's Zelenskyy to appoint Shmyhal as new defence minister in government shake-up
Texas flood death toll rises to 131 as authorities warn of another round of storms
Cuomo to run as independent in NYC mayoral race despite his primary defeat
Pentagon awards $200M AI contracts to Google, OpenAI, Anthropic and Musk’s xAI
US Supreme Court gives Trump admin green light to resume Education Department dismantling
US cuts over 90% of foreign development programme budgets
Israeli soldier who participated in Gaza genocide kills himself at military base
Illegal Israeli settlers attacking Christian sites in West Bank: clerics
Türkiye urges end to violence in Syria's Suwayda region
Armenia-Azerbaijan peace process approaching resolution: Trump
Mediators intensify push to break Gaza ceasefire deadlock
Lebanon's central bank partners with US firm to fight terror financing
Heatwaves in Spain caused 1,180 deaths in past two months: ministry
Sneak a peek at TRT Global. Share your feedback!
Contact us