New spyware that is solely designed to attack Android devices is now on the rise.
Alarms were recently generated by a watchdog in Kazakhstan who warned that its own citizens were currently under attack. The news was confirmed by a new research report carried out by the Lookout Threat Lab.
The spyware is known to comprise a program that goes by the name Hermit and has been said to possess some strong connections with one spyware provider from Italy named RCS Lab. Moreover, the spyware’s front company has also been delineated in the report as Tykelab.
But research further shed light on how the malware was deployed in several parts of Kazakhstan and they even go as far as saying they know that an entire Government based entity was thought to be behind the act.
The report also elaborated on how this is the first time that it ever publicly presented a vulnerable target in the form of a customer that was affected by the new and dangerous malware.
The malware was said to be detected when it was caught trying to copy Chinese electronics belonging to leading firm Oppo during the month of April of this year. This led to it analyzing up to 16 of its 25 modules to be sure.
According to the research conducted on the Hermit malware, modules and the permissions that apps give them are able to exploit various Android devices. This includes carrying out detrimental functions like recording audio and videos while redirecting calls. Let’s not forget how the malware has the ability to collect a significant amount of data in the form of call logs, images, locations, texts, and contacts too.
The sample infected with malware had been analyzed for the way they impersonated different apps belonging to different tech giants or even those installed by smartphone makers.
But how exactly is the malware able to do so much without anyone noticing? Well, the answer is that Hermit gives users the comfort of putting out legitimate web pages belonging to brands that it likes to copy while kickstarting a number of illegal activities behind the scene.
Wait, there is more. Previous data has gone on to show how Hermit has had a very shady past too. It was made use of by Italian authorities in 2019 to help crackdown against corruption campaigns.
Some reports go as far as mentioning that it has played a role in Syria too where it took part in a series of regional conflicts in that part of the world.
Interestingly, the RCS Lab isn’t some sort of new entity. It has been in the business for quite some time now. And we’re talking a good 30 years. Similarly, there is evidence of being owned by a leading spyware firm that is known to sell products to ‘legitimate’ consumers including intelligence agencies belonging to the Government.
The report concluded by saying such tools have been exploited solely because they’re getting protection from big shots like the natural security so they can be used for surveillance purposes.
Read next: Nearly 15 Billion Accounts Suffered Personal Data Leaks Since 2004 According to This Report
Alarms were recently generated by a watchdog in Kazakhstan who warned that its own citizens were currently under attack. The news was confirmed by a new research report carried out by the Lookout Threat Lab.
The spyware is known to comprise a program that goes by the name Hermit and has been said to possess some strong connections with one spyware provider from Italy named RCS Lab. Moreover, the spyware’s front company has also been delineated in the report as Tykelab.
But research further shed light on how the malware was deployed in several parts of Kazakhstan and they even go as far as saying they know that an entire Government based entity was thought to be behind the act.
The report also elaborated on how this is the first time that it ever publicly presented a vulnerable target in the form of a customer that was affected by the new and dangerous malware.
The malware was said to be detected when it was caught trying to copy Chinese electronics belonging to leading firm Oppo during the month of April of this year. This led to it analyzing up to 16 of its 25 modules to be sure.
According to the research conducted on the Hermit malware, modules and the permissions that apps give them are able to exploit various Android devices. This includes carrying out detrimental functions like recording audio and videos while redirecting calls. Let’s not forget how the malware has the ability to collect a significant amount of data in the form of call logs, images, locations, texts, and contacts too.
The sample infected with malware had been analyzed for the way they impersonated different apps belonging to different tech giants or even those installed by smartphone makers.
But how exactly is the malware able to do so much without anyone noticing? Well, the answer is that Hermit gives users the comfort of putting out legitimate web pages belonging to brands that it likes to copy while kickstarting a number of illegal activities behind the scene.
Wait, there is more. Previous data has gone on to show how Hermit has had a very shady past too. It was made use of by Italian authorities in 2019 to help crackdown against corruption campaigns.
Some reports go as far as mentioning that it has played a role in Syria too where it took part in a series of regional conflicts in that part of the world.
Interestingly, the RCS Lab isn’t some sort of new entity. It has been in the business for quite some time now. And we’re talking a good 30 years. Similarly, there is evidence of being owned by a leading spyware firm that is known to sell products to ‘legitimate’ consumers including intelligence agencies belonging to the Government.
The report concluded by saying such tools have been exploited solely because they’re getting protection from big shots like the natural security so they can be used for surveillance purposes.
Read next: Nearly 15 Billion Accounts Suffered Personal Data Leaks Since 2004 According to This Report
