Google’s threat analysis team (TAG) has released information about the discovery of a new spyware called Hermit that can attack both Android and iOS devices. The biggest difference of this malicious program is that it is developed by a company for spying, it looks like it is made of commercial quality.
The first company to talk about Hermit was Lookout, which specializes in cybersecurity. It found malware attacking Android phones and says the program is able to root devices and steal information from your SMS messages, contact list, photos, GPS location, as well as access voice recording, calling and forwarding functions. , etc.
great to see @Google shine some light #iOS version #solitary. Lookout discovered the Android version of this #surveillance software Recently, developed by Italian #spyware vendor is RCS Lab and is used in Kazakhstan, Syria and Italy. https://t.co/oobzl4wEvJ
— The Lookout (@The Lookout) 24 June 2022
Google’s TAG team confirmed the existence of Hermit and was also able to find instances of infected iOS apps. In the case of both Android and iOS, the infected apps were .apk files from outside the manufacturers’ official stores.
As part of the Hermit scam, the victim receives an SMS pretending to be from their provider, indicating that they have downloaded an app from external official stores. The person downloads the app without knowing that it is infected with spyware or that it will download vulnerabilities to hack the phone.
commercial spyware
Hermit was active in Italy and Kazakhstan. Both TAG and Lookout point to an Italian company called RCS Lab as the possible developer of the app. And this type of product is legal, although unethical.
RCS Lab says it exports its products in Europe in full compliance with both national and continental rules and regulations. The company says that all sales and practices are only carried out after obtaining permission from the authorities in the region. For example, the situation is the same with Pegasus.
Source: Tec Mundo
