GOOGLE has warned of a nasty new spyware targeting iPhones and Android phones.
Hacking tools from an Italy-based firm were used to spy on smartphones in Italy and Kazakhstan, the search giant said on Thursday, shedding light on a “thriving” spyware industry.
Google’s threat analysis team said the spyware, manufactured by RCS Lab, targeted the phones using a combination of tactics.
These tactics included unusual “drive-by downloads” that happen without victims noticing.
Concerns about spyware were fueled by media reports last year that Israeli company NSO’s Pegasus tools were being used by governments to monitor opponents, activists and journalists.
“They claim to only sell to customers with legitimate uses for surveillance software, such as B. Secret services and law enforcement agencies,” said Lookout, a specialist in mobile cybersecurity, of companies like NSO and RCS.
“In reality, such tools have often been misused under the guise of national security to spy on businesspeople, human rights activists, journalists, academics and government officials,” Lookout added.
According to Google’s report, the RCS spyware discovered, named “Hermit,” is the same one that Lookout previously reported on.
Lookout researchers said they discovered in April that Hermit was being used by the Kazakh government within its borders to spy on smartphones.
It came just months after anti-government protests were suppressed in that country.
“As with many spyware vendors, not much is known about RCS Lab and its customers,” Lookout said.
“Based on the information we have, it has a significant international presence.”
Evidence suggests Hermit was used in a predominantly Kurdish region of Syria, the mobile security firm said.
Analysis of Hermit showed that it can be used to take control of smartphones, record audio, redirect calls and collect data such as contacts, messages, photos and locations, Lookout researchers said.
Google and Lookout noticed the spread of spyware by tricking people into clicking links in messages sent to destinations.
“In some cases, we believe the actors worked with the target’s ISP (Internet Service Provider) to disable the target’s cellular data connection,” Google said.
“Once disabled, the attacker sent a malicious link via SMS, prompting the target to install an application to restore their data connectivity.”
When not posing as a mobile internet service provider, the cyberspies send links pretending to be from phone makers or messaging apps to trick people into clicking, researchers said.
“Hermit deceives users by serving up the legitimate websites of the brands it impersonates while launching malicious activity in the background,” Lookout researchers said.
Google said it warned Android users affected by the spyware and stepped up software defenses. Apple told AFP it has taken steps to protect iPhone users.
Google’s threat team is tracking more than 30 companies that sell surveillance capabilities to governments, according to the Alphabet-owned tech titan.
“The commercial spyware industry is thriving and growing at a significant rate,” said Google.
Cyber experts advise not to click on links sent in texts or emails from unknown numbers or contacts.
This can lead to a phishing attack or worst case, spyware being loaded onto your phone.
- Read the latest phone and gadget news
- Stay up to date on Apple stories
- Get the latest on Facebook, WhatsApp and Instagram
We pay for your stories! Do you have a story for The Sun Online Tech & Science Team? Email us at firstname.lastname@example.org
https://www.thesun.ie/tech/8999172/google-warning-iphone-users-attack/ Google warns ALL iPhone users of major attack – NEVER make terrible message mistake