(San Francisco) Software from an Italian communications surveillance company was used to hack into smartphones to spy on users in Italy and Kazakhstan, according to Google, which condemned a “thriving” spyware industry .
Posted at 4:01 p.m.
“These companies reflect the proliferation of dangerous hacking tools and arming governments that would not otherwise be able to develop these skills,” the tech giant said in a Thursday statement.
Google engineers explain that the victims, users of smartphones running Android (Google) and iOS (Apple), received a link to install malicious applications, which then allow them to spy on their activity on their mobile or extract documents.
In some cases, hackers involved with the complicity of internet providers, and applications resemble those of operators. Otherwise they pretend to be messengers, like WhatsApp.
According to Google, the software used is that of RCS Lab, an Italian company that “provides cutting-edge technological solutions to security services for communication surveillance”, according to its website. She did not immediately react to a request from AFP.
The California-based group, which has identified victims in Italy and Kazakhstan, says it warned users of infected Android devices and “made changes” to protect all users.
Apple, for its part, told AFP that it had also taken measures against hackers.
In September, the iPhone manufacturer had to urgently repair a computer flaw that Pegasus, the spyware from the Israeli company NSO, was able to exploit to infect the brand’s smartphones without even having recourse to links or trapped buttons.
According to several associations that brought the mass espionage scandal to light via Pegasus last July, tens of thousands of phones were infected, including members of the French government.
Google engineers, who closely track more than 30 companies in the industry, say the spyware industry is “thriving and growing rapidly.”
“Our research has shown how vendors of spying solutions have propagated these tools that were historically used only by governments,” they detail. “It makes the internet less secure and threatens the trust that users need.”
They also point out that these tools, even legal under international law, are often used by governments for undemocratic purposes, in particular to target political activists, journalists or human rights defenders.