Google warns of ‘hermit spyware’ infecting Android and iOS devices
To help Google investigate the actions of commercial spyware companies its Threat Analysis Group (TAG) published a report on Thursday, focusing on the spyware attacks targeting Android as well as iOS users.
Security researchers from Lookout recently linked a previously unknown Android smartphone spyware codenamed Hermit and attributed to Italian software company RCS Lab. The company is now Google threats researchers are confirming a lot of the research findings from Lookout and have begun to notify Android users who’s devices were affected with the virus.
Google stated that attackers collaborated together with ISPs of victims in certain instances to block their mobile devices, then sending an SMS using an infected link with the intention of returning connectivity.
Google warns victims of Kazakhstan as well as Italy that they’re at risk of being targeted by Hermit spyware the sophisticated and modular spyware made by Italian supplier RCS Labs that not only is able to steal data, but also records and makes calls.
You Might Be Interested In: The Ultimate Guide to Cyber Attacks: Full of Knowledge and Tips
What do you need to be aware of regarding Hermit Spyware
researchers are also working to raise awareness that the surveillance-for-hire industry goes far beyond one company. On Thursday, the Threat Analysis Group as well as the Project Zero vulnerability analysis team released findings on an iOS versions of the spyware application which is believed to be the work of an Italian company RCS Labs.
Hermit is a popular commercial spyware that has been proven to be utilized by government agencies with victims from Kazakhstan and Italy According to Lookout and Google. Lookout reports that it has also discovered the spyware is being used across northern Syria.
Hermit is a risky program that poses a variety of serious risks. Because of its modularity, Hermit is highly customizable and allows the features for the software to be altered according to the needs of the users. Once it is firmly installed on the target’s mobile hackers can steal sensitive data such as contact logs, call logs, photos, exact location information or SMS message.
The full report of Sevens and Lecigne provides the means by the attackers have access to Android as well as iOS devices by making use of clever techniques or drive-by-attacks. People who could be victims of this fraud will have their data blocked by their ISP carrier prior to sending an untrue link in text to prompt them to fix the problem. If this doesn’t work users could be lured to download malicious applications disguised as messaging apps.
In their investigation of iOS versions, Google researchers found that hackers distributed the iOS spyware by using an app that was designed to resemble My Vodafone app from the well-known international mobile operator.
The spyware utilizes diverse modules, that are downloaded by its control and command servers when they’re required, to record call logs, record ambient sound redirect phone calls, and gather photos, messages email addresses as well as the exact location of the device from the victim’s device.