This Android malware is so dangerous that even Google is worried
Google has confirmed reports of the existence of an extremely powerful Android malware and informed the victims that they were being targeted.
In a blog post, Benoit Sevens and Clement Lecigne of the company's Threat Analysis Group said that Lookout's cybersecurity researchers were right when they made the discovery and warned users about the existence of a dangerous Android virus called Hermit.
Hermit was reportedly created by RCS Lab, an Italian software development company, and was initially used by state-sponsored actors to target certain individuals in both Italy and Kazakhstan.
Extremely powerful malware
The malware is extremely powerful: once installed on the device, it can reach out to its command and control (C2) server to pull multiple modules, including a call logger, an audio recorder (both ambient and phone calls), a photo and video harvester, SMS and email readers, and a location tracker.
Hermit works on all versions of Android, and is also capable of rooting the device to give itself even more privileges.
Still, the app needs to be downloaded to the device. This cannot be done through Google's official Android repository, as it cannot be found there. Instead, victims are lured through phishing SMS messages and download the app accordingly. According to TechCrunch, the attackers worked with the victims' telecommunications providers to force them to download the app.
Now, as Hermit’s existence has been confirmed, Google has begun reaching out to victims to warn them that they are being targeted. There’s no word on the number of people in question, but given the potential of the malware, we can assume it’s only a small number of high-profile individuals, possibly politicians, journalists and civil rights activists.
Google has also obtained a version of the malware designed for Apple devices, and said it abuses the company's enterprise developer certificate to allow apps to be sideloaded. It took advantage of six new exploits, two of which are zero-days. Apple is already working on a fix for one of them.
Via: TechCrunch