"Exclusive" New spyware more dangerous than Pegasus revealed

in #hermit3 years ago (edited)

"Exclusive" New spyware more dangerous than Pegasus revealed

cyber-security-784x441.jpg

Welcome, I will present to you a new topic in which I will touch on the latest news in the world of cyberspace, cyber attacks and espionage wars.

I've recently discovered an enterprise-level monitoring and spying tool called Hermit, and it has been used by entities operating from within Kazakhstan, Syria, and Italy over the years since 2019.

Lookout has attributed the spyware designed to target both Android and IOS to an Italian company called RCS Lab SPA and Tykelab SRL, a communications service provider suspected of being a front company.

The San Francisco-based cybersecurity firm said it spotted the campaign targeting cyber attacks on Kazakhstan in April 2022.

Hermit is a new modular system that comes with countless capabilities and features that allow it to have many capabilities such as rooting, recording voice, making phone calls and forwarding them to others, in addition to collecting data such as call logs, contacts, photos, device location and SMS messages.

In a security report, Lookout researchers Justin Albrecht and Paul Shank also said that the spyware is distributed via SMS messages that trick users into installing what appear to be harmless Samsung/Vivo/Oppo apps, which when opened download a website from the spoofed company. While activating the espionage series, it is hidden in the background.

Like other Android malware threats, Hermit is designed to abuse its permissions for accessibility services and other essential components of the operating system (like contacts, camera, calendar, clipboard, etc.) most of its harmful activities and control of the entire device.

Android devices have been the recipient of spyware in the past or in November 2021, then a traced threat actor named APT-C-23 (also known as Arid Viper) has been linked to a wave of attacks targeting Middle Eastern users using new variants of FrozenCell.

Then last month, Google's Threat Analysis Group (TAG) revealed that at least government-backed actors in Egypt, Armenia, Greece, Madagascar, Côte d'Ivoire, Serbia, Spain and Indonesia are buying Android Zero Day to covertly monitor campaigns.

The researchers noted that "RCS Lab" is a well-known and active developer for more than three decades, working in the same intelligence market as Pegasus developer NSO Group Technologies and Gamma Group that created FinFisher software.

The findings also come as Israel-based NSO Group is said to be in talks to sell its Pegasus software technology to US defense contractor L3Harris, the company that makes StingRay cellphone-tracking devices, sparking fears it could open the door to US law enforcement.

They are also collectively categorized as "lawful intercept" companies claiming to only sell to clients who have legitimate use of surveillance software, such as intelligence agencies and law enforcement to help them fight terrorism and outlaws, but these tools are often misused under the guise of national security spying. on business executives, human rights activists, journalists, academics, and government officials.

The German manufacturer behind FinFisher has also been in trouble following the 2020 raids by investigative authorities regarding suspected violations of foreign trade laws by selling their spyware in Turkey without obtaining the required license.

Earlier in March, it closed its operations and filed for bankruptcy, Netzpolitik and Bloomberg reported in a report, saying: "The office has been dissolved, employees have been laid off and business operations have ceased."

Here the article ends, but it is our societal duty to remind you that, spying wars and monitoring users around the world have become one of the things that generally happen in developed countries, countries are now seeking to spread global spyware to fight each other from different aspects such as the economy and control over Markets and studying the proven development plans of some countries such as China, Egypt and the United States.

Also, governments have resorted to officially using new high-powered spyware for security purposes, and from here we must note that the near future is heading to the world of cyberspace, and every user and person looking for knowledge must start learning programming and information security so that he is aware of what revolves around it.

And last but not least, I hope that you have benefited from the presented article and to another topic, God willing.

Bota