Google warns of 'hermit spyware' infecting Android and iOS devices
As part of Google's efforts to track the activities of commercial spyware vendors, the company's Threat Analysis Group (TAG) released a report Thursday on spyware campaigns targeting Android and iOS users.
Google TAG researchers Benoit Sevens and Clement Lecigne go into detail about the use of entrepreneurial grade spyware dubbed "Hermit." This sophisticated spyware tool allows attackers to steal data, private messages and make phone calls. In their report, TAG researchers attributed Hermit to RCS Labs, a commercial spyware vendor based in Italy.
Hermit poses many significant dangers. Due to its modularity, Hermit is quite customizable, allowing the functions of the spyware to be altered to the will of its user. Once fully situated on a target's phone, attackers can harvest sensitive information such as call logs, contacts, photos, precise location, and SMS messages.
An explainer:What is 'hermit spyware' and how can you protect yourself from it?
Sevens and Lecigne's full report details the ways in which attackers can access both Android and iOS devices through the use of clever tricks and drive-by attacks. Potential targets of this scam will have their data disabled through their ISP carrier before sending a malicious link via text to get them to ‘fix’ the issue. If that doesn't work, targets will be tricked into downloading malicious apps masqueraded as messaging applications.
Just last week, cybersecurity firm Lookout reported the use of Hermit by agents working in the governments of Kazakhstan, Syria, and Italy. Google has already identified victims in these countries, stating that "TAG is actively tracking more than 30 vendors with varying levels of sophistication and public exposure selling exploits or surveillance capabilities to government-backed actors."
The Milan-based company claims to provide "law enforcement agencies worldwide with cutting-edge technological solutions and technical support in the field of lawful interception for more than twenty years." More than 10,000 intercepted targets are purported to be handled daily in Europe alone.
Related Stories
- Man loses data for entire city's population after night out drinking
- Comparing popular VPNs? Folks on Reddit have some thoughts.
- Tim Hortons is being sued for tracking users
- Your privacy is at risk now that Roe v. Wade has fallen, experts warn
- New Amazon Alexa feature will creepily mimic dead loved one's voices
When reached out for comment by The Hacker News, RCS Labs said its "core business is the design, production, and implementation of software platforms dedicated to lawful interception, forensic intelligence, and data analysis" and that it "helps law enforcement prevent and investigate serious crimes such as acts of terrorism, drug trafficking, organized crime, child abuse, and corruption."
Still, the news of the spyware being used by state government agents is concerning. Not only does it erode trust in the safety of the internet but it also puts at risk the lives of anyone a government considers an enemy of the state such as dissidents, journalists, human rights workers, and opposition party politicians.
"Tackling the harmful practices of the commercial surveillance industry will require a robust, comprehensive approach that includes cooperation among threat intelligence teams, network defenders, academic researchers, governments, and technology platforms," Google TAG researchers wrote. "We look forward to continuing our work in this space and advancing the safety and security of our users around the world."
(责任编辑:行业动态)
- The Composer Has No Clothes
- 步步高k202哪里能买到(步步高K201与I530)
- 步步高手机最新款(步步高手机的软件)
- 换手机有什么推荐(准备换个手机比较了解手机的朋友帮忙推荐一款智能手机要 Andro ...)
- What to expect when a tech bubble bursts
- I went to an offline dating event for singles. Here's how it went.
- 步步高K201(步步高K201如何下载08版QQ)
- 理财通还是余额宝(理财通和余额宝到底哪个好)
- 诺基亚n9现在还能用吗(诺基亚N9快出来了…听说要5000多…你会要N9还是ihone 4呢)
- Apple finally sends out payments for MacBook's butterfly keyboard settlement
- 手足口病可以报销多少(手足口病可以报销保险吗)
- 衡水存款怎样(衡水存款安全吗)
- vivox20鎵嬫満灏哄(步步高K201是智能手机吗外观尺寸是多少谢谢````)
-
Yoon, US Senate's armed service committee chief discuss alliance, N.K. threats
President Yoon Suk Yeol (right) shakes hands with Sen. Jack Reed, chairman of the US Senate's a ...[详细] -
如何关闭花呗免密支付如何关闭花呗)2022-05-28 16:00:10苏绍忠导读大家好,小谷解答以上问题。如何关闭花呗免密支付,如何关闭花呗这个很多人还不知道,现在让我们一起来看看吧!解答:1、用户 ...[详细]
-
海底捞黑海会员要消费多少钱海底捞黑海会员要消费多少钱)2022-05-28 17:06:04毛航玉导读大家好,小谷解答以上问题。海底捞黑海会员要消费多少钱,海底捞黑海会员要消费多少钱这个很多人还不知道 ...[详细]
-
我的步步高手机的09版本的QQ怎么不能玩这个跟我使用的手机卡有 ...(我的步步高手机的09版本的QQ怎么不能玩这个跟我使用的手机卡有 ...)
我的步步高手机的09版本的QQ怎么不能玩这个跟我使用的手机卡有 ...我的步步高手机的09版本的QQ怎么不能玩这个跟我使用的手机卡有 ...)2022-05-27 16:45:09薛罡江导读 大家好, ...[详细] -
Tesla's big software update includes something called 'Night Curfew'
Tesla's latest car update is great news for parents who (unwisely?) let their kids borrow the car, a ...[详细] -
步步高k202哪里能买到步步高K201是什么时候生产的)2022-05-27 11:16:08王言以。步步高k202哪里能买到,步步高K201是什么时候生产的这个很多人还不知道,现在让我们一起来看看吧 ...[详细]
-
腾讯理财通和微信理财通一样吗(微信里面的理财通是腾讯公司的吗)
腾讯理财通和微信理财通一样吗微信里面的理财通是腾讯公司的吗)2022-05-28 08:18:02史乐榕导读大家好,小谷解答以上问题。腾讯理财通和微信理财通一样吗,微信里面的理财通是腾讯公司的吗这个很 ...[详细] -
BBK K201手机中毒后蓝牙无法使用杀毒后也无法使用我该怎么办师父?
BBK K201手机中毒后蓝牙无法使用杀毒后也无法使用我该怎么办师父?2022-05-28 15:58:05庾叶雅导读 大家好,小极解答以上问题。BBK K201手机中毒后蓝牙无法使用杀毒后也无法使用 ...[详细] -
Apple iPod: The First 10 Years of the Ubiquitous Media Player
#ThrowbackThursday: The iPod is one of the most iconic devices of the 21st century and the product t ...[详细] -
人民币兑美元中间报价是什么意思(人民币兑美元中间报价是多少)
人民币兑美元中间报价是什么意思人民币兑美元中间报价是多少)2022-05-27 23:42:02邢心可导读大家好,小谷解答以上问题。人民币兑美元中间报价是什么意思,人民币兑美元中间报价是多少这个很多人 ...[详细]