时间:2025-04-02 18:14:07 来源:网络整理编辑:綜合
As part of Google's efforts to track the activities of commercial spyware vendors, the company's Thr
As part of Google's efforts to track the activities of commercial spyware vendors, the company's Threat Analysis Group (TAG) released a report Thursday on spyware campaigns targeting Android and iOS users.
Google TAG researchers Benoit Sevens and Clement Lecigne go into detail about the use of entrepreneurial grade spyware dubbed "Hermit." This sophisticated spyware tool allows attackers to steal data, private messages and make phone calls. In their report, TAG researchers attributed Hermit to RCS Labs, a commercial spyware vendor based in Italy.
Hermit poses many significant dangers. Due to its modularity, Hermit is quite customizable, allowing the functions of the spyware to be altered to the will of its user. Once fully situated on a target's phone, attackers can harvest sensitive information such as call logs, contacts, photos, precise location, and SMS messages.
An explainer:What is 'hermit spyware' and how can you protect yourself from it?
Sevens and Lecigne's full report details the ways in which attackers can access both Android and iOS devices through the use of clever tricks and drive-by attacks. Potential targets of this scam will have their data disabled through their ISP carrier before sending a malicious link via text to get them to ‘fix’ the issue. If that doesn't work, targets will be tricked into downloading malicious apps masqueraded as messaging applications.
Just last week, cybersecurity firm Lookout reported the use of Hermit by agents working in the governments of Kazakhstan, Syria, and Italy. Google has already identified victims in these countries, stating that "TAG is actively tracking more than 30 vendors with varying levels of sophistication and public exposure selling exploits or surveillance capabilities to government-backed actors."
The Milan-based company claims to provide "law enforcement agencies worldwide with cutting-edge technological solutions and technical support in the field of lawful interception for more than twenty years." More than 10,000 intercepted targets are purported to be handled daily in Europe alone.
When reached out for comment by The Hacker News, RCS Labs said its "core business is the design, production, and implementation of software platforms dedicated to lawful interception, forensic intelligence, and data analysis" and that it "helps law enforcement prevent and investigate serious crimes such as acts of terrorism, drug trafficking, organized crime, child abuse, and corruption."
Still, the news of the spyware being used by state government agents is concerning. Not only does it erode trust in the safety of the internet but it also puts at risk the lives of anyone a government considers an enemy of the state such as dissidents, journalists, human rights workers, and opposition party politicians.
"Tackling the harmful practices of the commercial surveillance industry will require a robust, comprehensive approach that includes cooperation among threat intelligence teams, network defenders, academic researchers, governments, and technology platforms," Google TAG researchers wrote. "We look forward to continuing our work in this space and advancing the safety and security of our users around the world."
TopicsCybersecurity
This company is hiring someone just to drink all day2025-04-02 18:07
Stray cat interrupts live Turkish news broadcast, casually sits on anchor's laptop2025-04-02 17:36
Florida fans leave Amy Schumer show after election talk gets too real2025-04-02 17:33
Marco Rubio warns Republicans to steer clear of WikiLeaks talk2025-04-02 17:28
Satisfy your Olympics withdrawals with Nike's latest app2025-04-02 17:21
'Rick and Morty' co2025-04-02 17:14
Smashed avocado millennial debate takes a turn for the ridiculously ironic2025-04-02 16:37
Julian Assange's internet's down and everyone on Twitter has a theory2025-04-02 16:34
Watch MTV's Video Music Awards 2016 livestream2025-04-02 16:07
If you want to decorate a Christmas tree for Halloween, no one is going to stop you2025-04-02 15:37
Dog elected for third term as mayor of Minnesota town2025-04-02 18:11
Marco Rubio warns Republicans to steer clear of WikiLeaks talk2025-04-02 18:08
iMessage hack floods Apple users with Chinese texts2025-04-02 18:01
Now four members of One Direction have solo deals2025-04-02 17:33
Pokémon Go is so big that it has its own VR porn parody now2025-04-02 17:14
Marco Rubio warns Republicans to steer clear of WikiLeaks talk2025-04-02 17:13
Now four members of One Direction have solo deals2025-04-02 16:59
'Vogue' makes historic political endorsement for U.S. presidency2025-04-02 16:22
Singapore gets world's first driverless taxis2025-04-02 16:04
Meet Percival the peacock: Defender of chickens, protector of the farm2025-04-02 16:00