Google details commercial spyware that targets both Android and iOS devices

Google has warned of an enterprise-grade spyware strain targeting Android and iOS mobile device users.

According to Google Threat Analysis Group (TAG) researchers Benoit Sevens and Clement Lecigne, as well as Project Zero, a distinct government and enterprise-grade iOS and Android spyware variant is now in active circulation.

Victims have been located in Italy and Kazakhstan.

The spyware, dubbed Hermit, is modular surveillanceware. After analyzing 16 out of 25 known modules, Lookout cybersecurity researchers said the malware will try to root devices and has features including: recording audio, redirecting or making phone calls, stealing swathes of information such as SMS messages, call logs, contact lists, photos, and exfiltrating GPS location data.

Lookout’s analysis, published on June 16, suggested that the spyware is sent via malicious SMS messages. TAG’s conclusion is similar, with unique links sent to a target masquerading as messages sent by an internet service provider (ISP) or a messaging application.

“In some cases, we believe the actors worked with the target’s ISP to disable the target’s mobile data connectivity,” Google says. “Once disabled, the attacker would send a malicious link via SMS asking the target to install an application to recover their data connectivity.”

The Lookout team could only

Read More: