An Italian company’s technology has been used to hack smartphones to spy on users in Italy, Syria and Kazakhstan, according to the web giant.
New spyware has been discovered on iOS and Android by Google specialists. Nicknamed Hermit, it would have been developed by RCS Lab, an Italian company which “provides cutting-edge technological solutions to security services for communication surveillance”, according to its website. She did not immediately react to a request from AFP. “These companies reflect the proliferation of dangerous hacking tools and arming governments that would not otherwise be able to develop these skills,” the tech giant said in a Thursday statement.
Google engineers explain that the victims, users of Android (Google) and iOS (Apple) smartphones, received a link to install malicious applications, which then make it possible to spy on their activity on their mobile or to extract documents. In some cases, hackers involved with the complicity of internet providers, and applications resemble those of operators. Otherwise they pretend to be messengers, like WhatsApp.
The California-based group, which has identified victims in Italy, Syria and Kazakhstan, said it warned users of infected Android devices and “made changes” to protect all users. Apple, for its part, told AFP that it had also taken action against hackers. In September, iPhone maker had to urgently repair a computer flaw that Pegasus, the spyware from the Israeli company NSO, was able to exploit to infect the brand’s smartphones without even resorting to booby-trapped links or buttons. According to several associations that brought the mass espionage scandal via Pegasus to light last July, tens of thousands of phones have been infected, including those of members. of the Spanish government and french.
Google engineers, who track more than 30 companies in the industry, say the spyware industry is “thriving and growing rapidly.” “Our research has shown how vendors of spying solutions have propagated these tools that were historically used only by governments,” they detail. “It makes the internet less secure and threatens the trust that users need.” They also point out that these tools, even legal under international law, are often used by governments for undemocratic purposes, in particular to target political activists, journalists or human rights defenders.