时间:2025-04-26 20:02:41 来源:网络整理编辑:綜合
As part of Google's efforts to track the activities of commercial spyware vendors, the company's Thr
As part of Google's efforts to track the activities of commercial spyware vendors, the company's Threat Analysis Group (TAG) released a report Thursday on spyware campaigns targeting Android and iOS users.
Google TAG researchers Benoit Sevens and Clement Lecigne go into detail about the use of entrepreneurial grade spyware dubbed "Hermit." This sophisticated spyware tool allows attackers to steal data, private messages and make phone calls. In their report, TAG researchers attributed Hermit to RCS Labs, a commercial spyware vendor based in Italy.
Hermit poses many significant dangers. Due to its modularity, Hermit is quite customizable, allowing the functions of the spyware to be altered to the will of its user. Once fully situated on a target's phone, attackers can harvest sensitive information such as call logs, contacts, photos, precise location, and SMS messages.
An explainer:What is 'hermit spyware' and how can you protect yourself from it?
Sevens and Lecigne's full report details the ways in which attackers can access both Android and iOS devices through the use of clever tricks and drive-by attacks. Potential targets of this scam will have their data disabled through their ISP carrier before sending a malicious link via text to get them to ‘fix’ the issue. If that doesn't work, targets will be tricked into downloading malicious apps masqueraded as messaging applications.
Just last week, cybersecurity firm Lookout reported the use of Hermit by agents working in the governments of Kazakhstan, Syria, and Italy. Google has already identified victims in these countries, stating that "TAG is actively tracking more than 30 vendors with varying levels of sophistication and public exposure selling exploits or surveillance capabilities to government-backed actors."
The Milan-based company claims to provide "law enforcement agencies worldwide with cutting-edge technological solutions and technical support in the field of lawful interception for more than twenty years." More than 10,000 intercepted targets are purported to be handled daily in Europe alone.
When reached out for comment by The Hacker News, RCS Labs said its "core business is the design, production, and implementation of software platforms dedicated to lawful interception, forensic intelligence, and data analysis" and that it "helps law enforcement prevent and investigate serious crimes such as acts of terrorism, drug trafficking, organized crime, child abuse, and corruption."
Still, the news of the spyware being used by state government agents is concerning. Not only does it erode trust in the safety of the internet but it also puts at risk the lives of anyone a government considers an enemy of the state such as dissidents, journalists, human rights workers, and opposition party politicians.
"Tackling the harmful practices of the commercial surveillance industry will require a robust, comprehensive approach that includes cooperation among threat intelligence teams, network defenders, academic researchers, governments, and technology platforms," Google TAG researchers wrote. "We look forward to continuing our work in this space and advancing the safety and security of our users around the world."
TopicsCybersecurity
Here's George Takei chilling in zero gravity for the 'Star Trek' anniversary2025-04-26 19:56
Elon Musk says sending profane email 'one of the dumbest things I've ever done'2025-04-26 19:47
YouTube Kids' parental controls are easily bypassed2025-04-26 19:29
Boris Johnson will need some ice to recover from this woman's ruthless burn2025-04-26 18:44
Mall builds real2025-04-26 18:33
Not just Big Tech: FBI gets personal data from banks and universities, too2025-04-26 18:04
The Amazon rainforest has a point of no return2025-04-26 17:56
Support for Facebook's cryptocurrency is already falling apart2025-04-26 17:44
New Zealand designer's photo series celebrates the elegance of aging2025-04-26 17:39
Hands on with the improved Galaxy Fold: This one probably won't break2025-04-26 17:28
This coloring book is here for all your relationship goals2025-04-26 19:56
Facebook clamps down on political advertisers ahead of 2020 elections2025-04-26 19:51
Trump and John Bolton have an 'I fired you/no I quit' Twitter fight2025-04-26 19:38
'Little Monsters': The sneaky, heart2025-04-26 18:57
Darth Vader is back. Why do we still care?2025-04-26 18:55
Scooter rental companies are at the mercy of cities2025-04-26 18:26
Elon Musk says sending profane email 'one of the dumbest things I've ever done'2025-04-26 18:19
We regret to inform you that you can now date Colonel Sanders in KFC's new dating sim2025-04-26 18:13
Hiddleswift finally followed each other on Instagram after 3 excruciating days2025-04-26 17:48
Amazon's newest kid2025-04-26 17:41