Spyware
Apple And Android Phones Hacked By Italian Spyware Confirmed By Google.
Google, a subsidiary of Alphabet Inc., revealed on Thursday that Apple Inc. and Android mobile devices in Italy and Kazakhstan were spied on with Italian spyware, using hacking tools manufactured in Italy. The report claims that tools to eavesdrop on the private messages and contacts of the targeted devices were developed by the Milan-based RCS Lab, whose website identifies European law enforcement agencies as clients.
With more businesses manufacturing intercepting technology for law enforcement, the worldwide spyware market is growing.
Anti-surveillance campaigners accuse them of assisting governments, which in some circumstances employ such instruments to suppress human and civil rights.
Google’s findings on RCS Lab come as European and American regulators consider additional restrictions on the selling and import of spyware.
“These vendors are enabling the proliferation of dangerous hacking tools and arming governments that would not be able to develop these capabilities in-house,” Google mentioned.
Source: indianexpress.com
Apple, as well as the governments of Italy and Kazakhstan, did not respond immediately to requests for comment.
RCS Lab claims that its products and services conform with European regulations and help law enforcement organizations in their investigations.
“RCS Lab workers are not exposed, nor do they participate in any activities conducted by the relevant customers,” the company told Reuters in an email, adding that any misuse of its goods was unacceptable.
Source: gadgets360.com
Google claimed to have taken security measures to safeguard Android users and to have made them aware of the spyware.
The global spyware market for governments is expanding, with more and more companies developing intercepting tools for law enforcement agencies. Anti-surveillance campaigners accuse them of assisting governments that, in some situations, utilize such tools to repress human and civil rights.
The Israeli spy agency NSO’s Pegasus malware, which was used by multiple nations to spy on journalists, activists, and dissidents, brought the industry into the public eye in recent years.
Bill Marczak, a security researcher at Citizen Lab, claims that although RCS Lab’s application isn’t as stealthy as Pegasus, it can still read messages and view passwords. He added, “This shows that even though these devices are ubiquitous, there’s still a long way to go in securing them against these powerful attacks.”
Source: indianexpress.com
RCS Lab presents itself as a supplier of “lawful interception” equipment and services, including voice, data collection, and “tracking devices,” on its website. It states that it can find 10,000 targets every day in Europe alone.
According to Google researchers, RCS Lab previously collaborated with the contentious, now-defunct Italian spyware firm Hacking Team, which also created surveillance software for foreign agencies to hack into phones and computers. After being the target of a large hack in 2015 that led to the disclosure of numerous internal documents, Hacking Team filed for bankruptcy.
Billy Leonard, a senior researcher at Google, said that in some instances Google believed hackers using RCS spyware worked along with the target’s ISP, suggesting connections to actors with government backing.
I am a second-year student pursuing Liberal Arts from Nmims. I am a painter, I love reading and have a great interest in cooking. I am also a trained kickboxer. I’ve always had a passion for writing and hence in my free time, I work as a freelance writer.
New Predator Spyware Lets Government Hackers Break Into Chrome And Android.
Google said Monday that a rogue private surveillance firm sold access to almost half a dozen major security loopholes in Chrome and Android to government-affiliated hackers last year. These governments then employed Cytrox’s “predator” spyware to complete their hacking campaigns. Because of New Predator Spyware, your Android phone and Chrome browser may be in danger of state-sponsored hacking.
Cytrox, a murky North Macedonian business, is accused of selling access to four zero-day system vulnerabilities in the Chrome browser and one in the Android operating system. Clients included government-linked “threat actors” from a variety of nations who utilized the exploits to execute hacking campaigns using Cytrox’s invasive spyware “Predator.”
In a blog post, Google’s Threat Analysis Group (TAG) announced the news and said it believes the likely government-backed entities acquiring these exploits are operating (at least) in Egypt, Armenia, Greece, Madagascar, Côte d’Ivoire, Serbia, Spain, and Indonesia, consistent with CitizenLab findings.
Cytrox exploited zero-day weaknesses (vulnerabilities that have yet to be patched) as well as n-day vulnerabilities (ones that have already been patched by Google). This frequently occurs when consumers do not regularly update their gadgets.
Surveillance organizations like Cytrox were responsible for a large portion of the zero-day vulnerabilities disclosed last year. Pegasus, anyone? Yes, the same instrument that governments around the world use to spy on journalists, public personalities, and members of opposition parties. It was created by the Israeli NSO Group and is said to have been used by the Indian government.
How the hacking took place:
One-time URLs that were shortened and delivered over email were used to target Android users. “Once the target clicked the link, the browser was transferred to an attacker-owned domain that delivered the attacks before redirecting to a legitimate website,” Google added.
The first case was discovered in August 2021 on an un-updated Samsung Galaxy S21. This was accomplished by exploiting existing Chrome flaws and opening URLs without the user’s knowledge. And this was only one of the campaigns.
In the world of hacking, what Cytrox has done is considered incredibly advanced and clever. It is a next-level cyber company that sells access to security weaknesses that require its own spyware to exploit. The zero-day exploits were employed alongside n-day vulnerabilities, according to Google, since the spyware’s makers took advantage of the time gap between when major defects were patched but not recognized as security issues and when these fixes were fully rolled out across the Android ecosystem.
In other words, the monitoring firm’s spyware could reach individuals who had not fully updated their gadgets, because the security weaknesses it relied on were still open on those devices. Google had released updates, but users took their time to install them. Google said that its findings highlight the extent to which commercial surveillance vendors have proliferated capabilities that were previously only employed by governments with the technical expertise to design and operationalize exploits.
Google stated that its Android and Chrome teams were quick to respond to the vulnerabilities and repair them. Cytrox appears to be comparable to NSO Group, which produces and distributes Pegasus, arguably the most destructive cyber weapon, to various countries for espionage on targeted devices.
In recent years, hacking scandals involving the private spy business have sparked much debate. This is bad news for businesses that must protect items that are used by hundreds of millions of people. Cytrox is making things difficult for the security teams at Google, Apple, and Microsoft, and it doesn’t appear that they’ll be getting a break anytime soon.