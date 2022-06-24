Google raises the alarm over Hermit hack that targets both iPhones and Android
The Threat Analysis Group (TAG) of Google is warning that a new spyware originating from an Italian security company is making its way on the Android phone hacking scene. Based in Milan, the RCS Lab has concocted a spyware that resembles the infamous Pegasus one by the Israeli company NSO Group in that once installed it can log your phone's activities undetected.
The difference is that RCS Lab's spy tools. collectively called Hermit, target both Android and iPhones, although Apple says it has removed all known accounts and certifications connected with Hermit.
In its turn, RCS Lab claims that all of its software complies with EU regulations and that it is "the leading European provider of complete lawful interception services, with more than 10,000 intercepted targets handled daily in Europe alone."
Those targets included iPhones and Androids in Italy and Kazakhstan, Google's TAG team found out, noting that companies like RCS "are enabling the proliferation of dangerous hacking tools and arming governments that would not be able to develop these capabilities in-house."
Google has notified those affected by Hermit and clarified how the hacking tool is spreading - by clicking a link in a message - in order to warn Android users.
In some cases, we believe the actors worked with the target’s ISP (internet service provider) to disable the target’s mobile data connectivity,. Once disabled, the attacker would send a malicious link via SMS asking the target to install an application to recover their data connectivity.
Collaborating Lookout researchers add that "Hermit tricks users by serving up the legitimate webpages of the brands it impersonates as it kickstarts malicious activities in the background." While not a zero-click exploit as Pegasus, Hermit can still track what you type, speak, or your whereabouts, and that's why Google is raising the alarm.
