Hermit (spyware)

Hermit is spyware developed by the Italian commercial spyware vendor RCS Lab that can be covertly installed on mobile phones running iOS and Android. The use of the software was publicized by Google's Threat Analysis Group (TAG) on June 23, 2022, and previously disclosed by the security research group Lookout.


Details

According to Lookout, RCS Lab is in the same business as NSO Group, which gained notoriety for its Pegasus spyware, and sells spyware to government agencies. Lookout believes Hermit has been deployed by the governments of Kazakhstan and Italy. Similar to Pegasus, Hermit is capable of tracking calls, tracking location, reading text messages, accessing photos, recording audio, and making and intercepting phone calls, and it could gain root on Android devices. Some attackers would pose as the victim's mobile carrier, sometimes with the carrier's assistance, to trick the victim into downloading an app that would deliver the payload. Another vector used was posing as a legitimate messaging app. While apps containing the spyware were not made available on the iOS App Store or Google Play store, malicious actors were able to obtain certificates allowing installation on any iOS device through Apple's Developer Enterprise Program. Once Hermit was publicized, Apple said they revoked certificates related to it, and Google said they pushed Google Play Protect updates to all users.


See also

* List of spyware programs
* IMSI-catcher


External links


* Google's Threat Analysis Group blog
* Lookout's website
* Apple Developer Enterprise Program