Victims were given a link to install malicious apps, which then spy on their activity on their mobile.
Software from an Italian firm specializing in communications surveillance was used to hack smartphones to spy on users in Italy and Kazakhstan, according to Google, which condemned a spyware industry “thriving”. “These companies reflect the proliferation of dangerous hacking tools and the arming of governments that would not otherwise be able to develop these skills” the tech giant said in a statement Thursday.
Google engineers explain that the victims, users of Android (Google) and iOS (Apple) smartphones, received a link to install malicious applications, which then make it possible to spy on their activity on their mobile or to extract documents. In some cases, hackers involved with the complicity of internet providers, and applications resemble those of operators. Otherwise they pretend to be messengers, like WhatsApp.
According to Google, the software is used by those of RCS Lab, a company that is Italian “Provides state-of-the-art technology solutions to security services for communication surveillance”, according to its website. She did not immediately react to a request from AFP. The California-based group, which has identified victims in Italy and Kazakhstan, said it warned users of infected Android devices and “made changes” to protect all users.
Apple took action
Apple, for its part, told AFP that it had also taken action against hackers. In September, the iPhone manufacturer had to urgently repair a computer flaw that Pegasus, the spyware from the Israeli company NSO, was able to exploit to infect the brand’s smartphones without even using links or buttons. trapped.
According to several associations that brought the mass espionage scandal to light via Pegasus last July, tens of thousands of phones were infected, including members of the French government. Google engineers, who track more than 30 companies in the industry, say the spyware industry is “thriving and growing rapidly.”
“Our research has shown how spyware vendors have propagated these tools which were historically only used by governments”they detail. “It makes the internet less secure and threatens the trust that users need.” They also point out that these tools, even legal under international law, are often used by governments for undemocratic purposes, in particular to target political activists, journalists or human rights defenders.