Hermit is spyware developed by the Italian commercial spyware vendor RCS Lab that can be covertly installed on mobile phones running iOS and Android. The use of the software was publicized by Google's Threat Analysis Group (TAG) on June 23, 2022, and previously disclosed by the security research group Lookout.
Details
According to Lookout, RCS Lab is in the same business as NSO Group, which gained notoriety for its Pegasus spyware, and sells spyware to government agencies. Lookout believes Hermit has been deployed by the governments of Kazakhstan and Italy. Similar to Pegasus, Hermit is capable of tracking calls, tracking location, reading text messages, accessing photos, recording audio, and making and intercepting phone calls, and it could gain root on Android devices.
Some attackers would pose as the victim's mobile carrier, sometimes with the carrier's assistance, to trick the victim into downloading an app that would deliver the payload. Another vector used was posing as a legitimate messaging app. While apps containing the spyware were not made available on the iOS App Store or Google Play store, malicious actors were able to obtain certificates allowing installation on any iOS device through Apple's Developer Enterprise Program.
Once Hermit was publicized, Apple said they revoked certificates related to it, and Google said they pushed Google Play Protect updates to all users.
See also
* List of spyware programs
* IMSI-catcher
External links
* Google's Threat Analysis Group blog
* Lookout's website
* Apple Developer Enterprise Program