Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Google Privacy Security

Google is Notifying Android Users Targeted By Hermit Government-Grade Spyware (techcrunch.com) 8

Security researchers at Lookout recently tied a previously unattributed Android mobile spyware, dubbed Hermit, to Italian software house RCS Lab. Now, Google threat researchers have confirmed much of Lookout's findings, and are notifying Android users whose devices were compromised by the spyware. From a report: Hermit is a commercial spyware known to be used by governments, with victims in Kazakhstan and Italy, according to Lookout and Google. Lookout says it's also seen the spyware deployed in northern Syria. The spyware uses various modules, which it downloads from its command and control servers as they are needed, to collect call logs, record ambient audio, redirect phone calls and collect photos, messages, emails, and the device's precise location from a victim's device. Lookout said in its analysis that Hermit, which works on all Android versions, also tries to root an infected Android device, granting the spyware even deeper access to the victim's data. Lookout said that targeted victims are sent a malicious link by text message and tricked into downloading and installing the malicious app -- which masquerades as a legitimate branded telco or messaging app -- from outside of the app store.
This discussion has been archived. No new comments can be posted.

Google is Notifying Android Users Targeted By Hermit Government-Grade Spyware

Comments Filter:
  • Does it mean it uses exploits known by the feds but not reported to the vendors?

    • by Darinbob ( 1142669 ) on Thursday June 23, 2022 @01:30PM (#62645316)

      No it's "Hermit Government" grade. The unofficial grades of spyware has this range:
      - Kindergarten grade
      - Junior High School Whiz Kid grade
      - Change My High School Grades grade
      - College Hacker grade
      - Small Business grade
      - Big Democratic Government grade
      - Small Government grade
      - Enterprise grade
      - Authoritarian Government grade
      - Authoritarian Enterprise grade
      - Windows 11 grade
      - Google grade
      - Hermit Government grade
      - Socially Active Government grade
      - Putin grade

  • any info whatsoever on the attack vector? How they ever gain control of devices? something google refuses to patch (shared NSA backdoor? honest incompetence?) or simple regular  SMS + download misleading app right out of the play store?
    • "or simple regular SMS + download misleading app right out of the play store?"

      According to the summary, it's simple regular SMS directing the users to download the app from somewhere other than the app store.

  • by RogueWarrior65 ( 678876 ) on Thursday June 23, 2022 @12:30PM (#62645100)

    And that, folks, is why mandating sideloading should be looked at with a jaundiced eye.

    • by Creepy ( 93888 )

      Sideloading is turned off by default by Android.

      I'd be curious if the exploit tricks the user into turning it off or how exactly that part works. It seems like it would only be an exploit affecting developers like me that need (or needed as it were) to sideload.

"...a most excellent barbarian ... Genghis Kahn!" -- _Bill And Ted's Excellent Adventure_

Working...