of google threat analysis group (TAG) recently published its research on spyware called “Hermit” which is able to uncover both Android And iOS Device. TAG is responsible for tracking and analyzing government-backed attacks and hacking. According to a report in TechCrunch, the official blog of TAG has confirmed the existence of Hermit spyware. Blog blames Italian software company RCS Lab As the creator of spyware that can attack iOS and Android users. TAG research identifies victims hermit spyware in Italy and Kazakhstan. Meanwhile, Lookout (the first company to report this spyware) claims that it has also been used in Syria.
How is Hermit spyware spreading?
The sideloading process helped distribute Hermit spyware on platforms both outside the App Store and the Google Play Store. In the process, attackers send a text message with a malicious link that prompts victims to download and install the app. Meanwhile, Android allows users to easily install apps from outside the App Store. The same process in iOS devices is a bit more complicated but not impossible. Although, Apple have found a way to stop the spread of Hermit spyware on their devices, reports 9to5Mac.
What are enterprise apps and how did it help Hermit spread?
Apple provides special certifications for companies to distribute enterprise apps to their employees outside of the App Store. According to the report, RCS distributed its fake app to iOS users as an enterprise app that disguised Hermit spyware to look like an official telecom or messaging app. These apps are unable to access internal system files or user data without permission because they run under the same sandbox rules that any other App Store app needs to follow.
However, it’s easy for enterprise apps to take advantage of these exploits found in iOS because Apple doesn’t review such apps. Some of the Hermit’s exploits include – recording audio from the microphone, redirecting phone calls, storing photos, messages and emails as well as affecting the current location of the device.
How Apple has stopped the spread of Hermit spyware on its devices
The report noted that Apple has found a way to stop the spread of Hermit spyware by revoking “all known accounts and certificates associated with the spyware.” This will prevent harmful apps from being distributed outside the App Store.
This doesn’t make iOS users completely safe from Hermit, as RCS Lab noted in the report that it may have found another way “to exploit iOS to distribute its spyware.” The best way for smartphone users to stay safe is not to click on unknown links or install apps from unknown sources.
Hermit Spyware: Target
According to the report, the exact target of the Hermit spyware is still unclear, however, there is evidence of RCS Lab selling it to “government-backed actors”. The report also noted that Hermit NSO may act in much the same way as the Pegasus spyware, which was “used by authoritarian governments to survey journalists, political opponents, activists and human rights defenders.”
Still, this spyware is not designed for ordinary users, but its presence can be a major threat to people’s privacy and security, the report suggests. In 2021, Apple filed suit against Apple NSO Group Accused the organization of spending huge amounts to infiltrate the iOS security system and victimize users.
ALSO READ: Apple will launch a refreshed HomePod with S8 processor in 2023. Click Here to read more.
How is Hermit spyware spreading?
The sideloading process helped distribute Hermit spyware on platforms both outside the App Store and the Google Play Store. In the process, attackers send a text message with a malicious link that prompts victims to download and install the app. Meanwhile, Android allows users to easily install apps from outside the App Store. The same process in iOS devices is a bit more complicated but not impossible. Although, Apple have found a way to stop the spread of Hermit spyware on their devices, reports 9to5Mac.
What are enterprise apps and how did it help Hermit spread?
Apple provides special certifications for companies to distribute enterprise apps to their employees outside of the App Store. According to the report, RCS distributed its fake app to iOS users as an enterprise app that disguised Hermit spyware to look like an official telecom or messaging app. These apps are unable to access internal system files or user data without permission because they run under the same sandbox rules that any other App Store app needs to follow.
However, it’s easy for enterprise apps to take advantage of these exploits found in iOS because Apple doesn’t review such apps. Some of the Hermit’s exploits include – recording audio from the microphone, redirecting phone calls, storing photos, messages and emails as well as affecting the current location of the device.
How Apple has stopped the spread of Hermit spyware on its devices
The report noted that Apple has found a way to stop the spread of Hermit spyware by revoking “all known accounts and certificates associated with the spyware.” This will prevent harmful apps from being distributed outside the App Store.
This doesn’t make iOS users completely safe from Hermit, as RCS Lab noted in the report that it may have found another way “to exploit iOS to distribute its spyware.” The best way for smartphone users to stay safe is not to click on unknown links or install apps from unknown sources.
Hermit Spyware: Target
According to the report, the exact target of the Hermit spyware is still unclear, however, there is evidence of RCS Lab selling it to “government-backed actors”. The report also noted that Hermit NSO may act in much the same way as the Pegasus spyware, which was “used by authoritarian governments to survey journalists, political opponents, activists and human rights defenders.”
Still, this spyware is not designed for ordinary users, but its presence can be a major threat to people’s privacy and security, the report suggests. In 2021, Apple filed suit against Apple NSO Group Accused the organization of spending huge amounts to infiltrate the iOS security system and victimize users.
ALSO READ: Apple will launch a refreshed HomePod with S8 processor in 2023. Click Here to read more.