Google’s Threat Analysis Group (TAG) An advanced spyware campaign is using internet service providers to trick users into downloading malicious apps, according to research published by Hermit’s spyware Italian spyware company RCS Labs is associated with.
Spyware is also supported by some states
security research group lookout This has been demonstrated in previous findings. Lookout, RCS Labs Pegasus spyware claimed to be in the same line of business as NSO Group, the notorious company behind it, and to sell commercial spyware to various government agencies.
Researchers at Lookout found that Hermit’s Kazakhstan government and Italian authorities believes it is already in use. In line with these findings Googlehas identified victims in both countries. The company said it will also notify affected users.
Spyware itself a legitimate source It’s pretty good at hiding it. The app, which usually takes the form of a mobile operator or messaging app Androidto both iPhonecan infect. Google’s cybersecurity researchers say some attackers are trying to shut down victim’s mobile data to further their plans. internet service provider proved to be working.
The spyware then sends the victim to the victim via SMS. mobile operator pretending to be instructing them to download their own programs to restore their internet connection. Attackers, on the other hand, pirated software It also manages to reach phones by showing it as messaging applications.
Lookout and TAG researchers, hermit applications that contain Google Play or Apple App Store It says it’s not available for use. However, it turned out that the attackers were able to distribute their infected apps on iOS by signing up for Apple’s Developer Enterprise Program.
Thus, spyware App Store‘ was able to bypass the standard review process and obtain a certificate that ‘meets all iOS code signing requirements on an iOS device’. apple announced that it has revoked all accounts and certificates related to this software after these developments.
In addition to notifying affected users, Google Google Play Protect It also recommends updating the app. So what do you think about this subject? You can share your views with us in the comments section.