Posted on 06/25/2022 6:06:20 PM PDT by UMCRevMom@aol.com
A sophisticated spyware campaign is getting the help of internet service providers (ISPs) to trick users into downloading malicious apps, according to research published by Google’s Threat Analysis Group (TAG) (via TechCrunch). This corroborates earlier findings from security research group Lookout, which has linked the spyware, dubbed Hermit, to Italian spyware vendor RCS Labs.
Lookout says RCS Labs is in the same line of work as NSO Group — the infamous surveillance-for-hire company behind the Pegasus spyware — and peddles commercial spyware to various government agencies. Researchers at Lookout believe Hermit has already been deployed by the government of Kazakhstan and Italian authorities. In line with these findings, Google has identified victims in both countries and says it will notify affected users.
As described in Lookout’s report, Hermit is a modular threat that can download additional capabilities from a command and control (C2) server. This allows the spyware to access the call records, location, photos, and text messages on a victim’s device. Hermit’s also able to record audio, make and intercept phone calls, as well as root an Android device, which gives it full control over its core operating system.
The spyware can infect both Android and iPhones by disguising itself as a legitimate source, typically taking on the form of a mobile carrier or messaging app. Google’s cybersecurity researchers found that some attackers actually worked with ISPs to switch off a victim’s mobile data to further their scheme. Bad actors would then pose as a victim’s mobile carrier over SMS and trick users into believing that a malicious app download will restore their internet connectivity. If attackers were unable to work with an ISP, Google says they posed as seemingly authentic messaging apps that they deceived users into downloading.
Researchers from Lookout and TAG say apps containing Hermit were never made available via the Google Play or Apple App Store. However, attackers were able to distribute infected apps on iOS by enrolling in Apple’s Developer Enterprise Program. This allowed bad actors to bypass the App Store’s standard vetting process and obtain a certificate that “satisfies all of the iOS code signing requirements on any iOS devices.”
Apple told The Verge that it has since revoked any accounts or certificates associated with the threat. In addition to notifying affected users, Google has also pushed a Google Play Protect update to all users.
Wow. I’m just throwing my phone away.
Let me know where you throw away your phone.
Google hates competition.
I am so sick of this crap. I just don’t know what to say anymore that makes a lick of difference in this country.
Bad actors = FIB
Notebook, index cards, pen and pencil . . .
Sometimes I check in to postings about my beloved early BlackBerry devices, e.g., Classic, which became obsolete in January of this year. There’s a common belief that they were encouraged (forced?) to dissolve because they were too secure, and un-hackable by the government. True? IDK.
The basic BB security was outstanding. Also, the physical keyboards added another level of security. The virtual keyboards are easier for spying.
This phone reads FR, controls my A/C, changes the color of a light bulb and makes phone calls...
That’s IT.
“Notebook, index cards, pen and pencil . .”
You forgot envelopes and stamps
I despise my smart phone and would be ok with a 3G flip phone — EXCEPT that I rely on Android navigation.
Google and Android IS spyware. They just don’t like the competition.
A couple of my Android phones have been acting up for a couple weeks
3G is mostly defunct, and I for one am not happy. I previously had a very small LG flip phone, and was forced to “upgrade” to a 4G flip model which I hate. It’s larger and I detest the interface. But it’s “progress”.
It is rather duplicitous of them.
If you’re really worried, just reset it to factory condition. You’ll need to set it up again, but how difficult is that?
Darn right. I'm a list person...like to keep a running to-do list. Short term, long term, etc. Used to walk around with one of these in my back pocket. Scratch thru items as I complete them. It's all on the phone nowadays, but it would be easy to go back to pad and pen.
“Let me know where you throw away your phone.”
LOL...you might need a scuba mask.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.