An Italian company’s hacking tools were used to spy on Apple and Android smartphones in Italy and Kazakhstan. alphabet Inc’s Google said in a new report.
Milan-based RCS Lab, whose website claims that European law enforcement agencies as customers have developed tools to spy on the target devices’ private messages and contacts, the report states.
European and American regulators have been considering potential new rules for the sale and import of spyware.
“These vendors enable the proliferation of dangerous hacking tools and arm governments that could not develop these skills in-house.” Google said.
The governments of Italy and Kazakhstan did not immediately respond to requests for comment. An Apple spokesman said the company had revoked all known accounts and certificates related to this hacking campaign.
RCS Lab said its products and services comply with European regulations and help law enforcement investigate crimes.
“RCS Lab employees are not exposed nor participate in any activities conducted by the relevant customers,” it told Reuters in an email, adding that it condemned any misuse of its products.
Google said it took steps to protect its users Android operating system and warned you about the spyware called Hermit.
The global industry that produces spyware for governments has grown, and more and more companies are developing eavesdropping tools for law enforcement. Anti-surveillance activists accuse them of supporting governments, which in some cases use such tools to crack down on human and civil rights.
The industry came under the global spotlight when Israeli surveillance firm NSO’s Pegasus spyware was discovered in recent years They have been found to have been used by several governments to spy on journalists, activists and dissidents.
While RCS Lab’s tool isn’t as stealthy as Pegasus, it can still read messages and view passwords, said Bill Marczak, a security researcher at Digital Watchdog Citizen Lab.
“This shows that while these devices are ubiquitous, there is still a long way to go to protect them against these powerful attacks,” he added.
RCS Lab describes itself on its website as a manufacturer of “lawful wiretapping” technologies and services, including voice, data collection and “tracking” systems. It says it handles 10,000 targets intercepted daily in Europe alone.
Google researchers found RCS Lab had previously worked with the controversial, defunct Italian spy firm Chop Team that had similarly developed surveillance software for foreign governments to tap into phones and computers.
Hacking Team went bankrupt after falling victim to a major hack in 2015 that exposed numerous internal documents.
In some cases, Google believed hackers using RCS spyware were working with the target’s ISP, suggesting they had ties to state-backed actors, said Billy Leonard, a senior researcher at Google.
Evidence suggests Hermit was used in a predominantly Kurdish region of Syria, the mobile security firm said.
Analysis of Hermit showed that it can be used to take control of smartphones, record audio, redirect calls and collect data such as contacts, messages, photos and locations, Lookout researchers said.
Google and Lookout noticed the spread of spyware by tricking people into clicking links in messages sent to destinations.
“In some cases, we believe the actors worked with the target’s Internet Service Provider (ISP) to disable the target’s mobile data connectivity,” Google said.
“Once disabled, the attacker sent a malicious link via SMS, asking the target to install an application to restore their data connectivity.”
When not posing as a mobile Internet service provider, the cyber spies send links pretending to be from phone makers or messaging apps to trick people into clicking, researchers said.
“Hermit deceives users by serving up the legitimate websites of the brands it impersonates while launching malicious activity in the background,” Lookout researchers said.
Google said it warned Android users affected by the spyware and strengthened software defenses. Apple told AFP it was taking steps to protect iPhone users.
According to Alphabet tech titan, Google’s threat team is tracking more than 30 companies that sell surveillance capabilities to governments.
“The commercial spyware industry is thriving and growing at a significant rate,” said Google.