Google: ‘Italian company responsible for new spyware’

A security company from Milan is responsible for developing the Hermit spy software. With the eavesdropping program, it is possible to spy on both Android and iOS users. Internet service providers helped distribute the spyware.

That’s what Google’s Threat Analysis Group (TAG) suggests. In a blog , the cybersecurity experts at the internet company describe the spy software called Hermit.

This is how hackers infect smartphones with Hermit

The spyware was discovered earlier this month by Lookout’s security experts. Google’s security researchers confirm how dangerous the Italian company’s bugging program is. In the eyes of Google, Hermit is proof that commercial parties today are just as good at developing spy software that could previously only be made by experts from governments.

According to the members of TAG, Hermit must be installed manually on smartphones. In all cases known to the research team, victims received a link that redirected them to a malicious page. From there, the rogue application was installed.

Spyware installed via ISP or fake message

If the victims did not fall for this, the hackers would disconnect their target’s mobile phone via Internet Service Providers (ISPs). Once disabled, they sent victims a text message with malicious URL. In it, they were asked to install an application to restore the data connection. In reality, victims infected their cell phones with Hermit.

Once installed, the spyware can download all kinds of modules from its server on its own. This allows cybercriminals to view photos and videos, view call history, listen in on phone calls, record sound, and transmit location information, among other things. Hermit would even try to get root access to Android phones, which in theory could do a lot more.

Even without internet providers it is possible to infect an Android phone or iPhone with the spy software. In that case, the hackers pretend that an application needs to be installed to regain control of their Facebook, WhatsApp or Instagram account.

RCS Lab denies involvement in criminal activities

Hermit was developed by the Italian company RCS Lab. Google says the spy software is being used to eavesdrop on smartphone users in Italy, Kazakhstan and Syria. Exactly how hackers work with internet providers is unclear. In particular, a Kurdish region in Syria is said to be making full use of the spyware.

RCS Lab says that all its products and services comply with European regulations. In fact, its software is widely used by investigative and enforcement authorities to solve crimes. “The RCS Lab staff has not been exposed to, nor does it participate in, any activities carried out by the affected customers,” a spokesperson told Reuters news agency.

Security experts say Hermit isn’t as advanced as Pegasus, but just as dangerous. A European Parliament inquiry committee is currently investigating the extent to which Pegasus is being used in Europe to wiretap politicians, journalists and human rights activists. During the first questioning last week, legal counsel for NSO Group, the company that developed Pegasus, said at least five EU member states are using the company’s spy software . At the beginning of next year, the committee will present the most important findings.

Catch up on more articles here

Follow us on Twitter here

Popular

Must read

MORE ON THIS TOPIC:

Related Posts