“Based on our analysis, the spyware, which we named ‘Hermit’ is likely developed by Italian spyware vendor RCS Lab and Tykelab Srl, a telecommunications solutions company we suspect to be operating as a front company,” the researchers said in a blog post. This isn’t the first time Hermit has been deployed. Italian authorities used it in an anti-corruption operation in 2019. “We also found evidence suggesting that an unknown actor used it in northeastern Syria, a predominantly Kurdish region that has been the setting of numerous regional conflicts,” the team noted.
Researchers discovered a new enterprise-grade Android spyware dubbed ‘Hermit,’ which is being used by governments to target high-profile individuals such as corporate leaders, human rights activists, journalists, academics, and government officials via SMS texts. In April, a team from cyber-security firm Lookout Threat Lab discovered the government of Kazakhstan’s ‘surveillanceware,’ four months after widespread rallies against government policies were ruthlessly quashed.
Hermit is a modular spyware that hides its malicious capabilities in packages downloaded after it’s deployed. These modules, along with the permissions the core apps have, enable Hermit to exploit a rooted device, record audio and make and redirect phone calls, as well as collect data such as call logs, contacts, photos, device location and SMS messages. “We theorise that the spyware is distributed via SMS messages pretending to come from a legitimate source. The malware samples analysed impersonated the applications of telecommunications companies or smartphone manufacturers,” said the Lookout team.
RCS Lab, a known developer that has been active for over three decades, operates in the same market as Pegasus developer NSO Group Technologies and Gamma Group, which created FinFisher. RCS Lab has engaged with military and intelligence agencies in Pakistan, Chile, Mongolia, Bangladesh, Vietnam, Myanmar and Turkmenistan. Collectively branded as “lawful intercept” companies, they claim to only sell to customers with legitimate use for surveillanceware, such as intelligence and law enforcement agencies. “In reality, such tools have often been abused under the guise of national security to spy on business executives, human rights activists, journalists, academics and government officials,” the researchers warned.