Google identifies “Italian” spyware targeting Android and iOS

In the current panorama of smartphones , whether they are Android or iOS , great efforts are being made to safeguard privacy and security of users. In this context, Google’s team Threat Analysis Group found one spyware which closely concerns Italy .

Amazon Offers

The identifying name of the spyware is Hermit and would have been developed by RCS Lab , a Italian company that provides services to national and international law enforcement agencies. According to the findings of the Google team, this spyware has been active in Italy and in Kazakhstan, stealing personal data from users without their consent.

Hermit is able to act with the collaboration of network service providers local, which would have the role of interrupting connectivity to and from the victim’s smartphone. Hermit then sends a message containing a link, with the purpose of to induce the user to install an app to restore connectivity services. This app actually contains packages to make the spyware operational.

In other cases, Hermit used screenshots relating to the social networks , artfully created to trick the user into believing that access to social was blocked and that recovery would be possible by installing a specific app .

Acting through a sideload therefore, or without the need to host the spyware app on the Play Store where it would have been more easily recognizable by Google’s security tools, the bad guys behind Hermit were able to get hold of personal information from users via their smartphones.

Once operational in the device, Hermit is able to record phone calls , read the notifications and related texts and access the internal storage of the device. Spyware would be able to act on both Android and iOS.

Google explicitly mentioned RCS Lab as the ones behind the spyware. This on Android devices would also have been able to disguise itself as an official Samsung app .

Following the discovery, Google reported that it further improved its built-in security tools on Android, such as Play Protect. Therefore, we can expect that, at least Android devices are less vulnerable to Hermit. On the other hand, it is interesting, and in some ways worrying , to note how in this case the spyware was conceived not to exploit a software vulnerability but to circumvent the current integrated security systems, which are proved insufficient.

Leave a Reply

Your email address will not be published.