But in some particularly dramatic cases of iOS targeting, Google found that attackers may have been working with local ISPs to cut off a specific user's mobile data connection, send them a malicious download link over SMS, and convince them to install the fake My Vodafone app over Wi-Fi with the promise that this would restore their cell service.Īttackers were able to distribute the malicious app because RCS Labs had registered with Apple's Enterprise Developer Program, apparently through a shell company called 3-1 Mobile SRL, to obtain a certificate that allows them to sideload apps without going through Apple's typical AppStore review process. In both Android and iOS attacks, attackers may have simply tricked targets into downloading what appeared to be a messaging app by distributing a malicious link for victims to click. In their analysis of the iOS version, Google researchers found that attackers distributed the iOS spyware using a fake app meant to look like the My Vodafone app from the popular international mobile carrier. But there is little or no transparency into this industry, that's why it's critical to share information about these vendors and their capabilities.” TAG says it currently tracks more than 30 spyware makers that offer an array of technical capabilities and levels of sophistication to government-backed clients. “These vendors are enabling the proliferation of dangerous hacking tools, arming governments that would not be able to develop these capabilities in-house. “Google has been tracking the activities of commercial spyware vendors for years, and in that time we have seen the industry rapidly expand from a few vendors to an entire ecosystem,” TAG security engineer Clement Lecigne tells WIRED. In addition to victims located in Italy and Kazakhstan, Lookout also found data indicating that an unidentified entity used the spyware for targeting in northeastern Syria. Lookout notes that Italian officials used a version of the spyware during a 2019 anti-corruption probe. Last week, the security firm Lookout published findings about the Android version of the spyware, which it calls “Hermit” and also attributes to RCS Labs. Google researchers say they detected victims of the spyware in Italy and Kazakhstan on both Android and iOS devices.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |