Google reveals sophisticated Italian spyware campaign targeting victims in Italy, Kazakhstan

Written by
Jun 23, 2022 | CYBERSCOOP

The little-known Italian spyware firm RCS Labs worked with unnamed internet service providers to install malicious apps on targets’ phones in Italy and Kazakhstan, researchers with Google’s Threat Analysis Group said Thursday.

In some cases, where ISP involvement wasn’t possible, Google researchers said the firm sent fake warning messages to targets telling them to click a link to restore access to a popular messaging app. The link would then install a malicious version of the app, giving the firm’s customers access to the device.

Google Threat Analysis Group

“Our findings underscore the extent to which commercial surveillance vendors have proliferated capabilities historically only used by governments with the technical expertise to develop and operationalize exploits,” Google’s Benoit Sevens and Clement Lecigne researchers wrote. “This makes the Internet less safe and threatens the trust on which users depend.”

Ian Beer, a researcher Google’s Project Zero, which studies previously undisclosed hardware and software vulnerabilities, published a detailed analysis of the since-fixed iOS vulnerability the firm used in its fake mobile phone provider app. The memory corruption exploitation at work is akin to the FORCEDENTRY zero-click exploit exposed late last

Read More: