Google has confirmed reports of extremely powerful Android malware and notified victims that they are being targeted.
In a blog post, Benoit Sevens and Clement Lecigne of the company’s Threat Analysis Group said cybersecurity researchers at Lookout were right when they discovered and warned users about the existence of a dangerous Android virus called Hermit.
Hermit is reportedly built by the Italian software development company RCS Lab, and was initially used by state-sponsored actors to target certain individuals in Italy and Kazakhstan.
Extremely potent malware
The malware is extremely powerful and, once installed on the device, can contact its command-and-control (C2) server to fetch various modules, including call loggers, audio recorders (both ambient and telephone), photo and video collectors, SMS and email readers, and location trackers.
Hermit works on all versions of Android and is even able to root the device to grant itself even more privileges.
Still, the app needs to be downloaded onto the device. This cannot be done through Google’s official Android repository, because it cannot be found there. Instead, victims are lured into downloading the app via phishing SMS messages and, according to TechCrunch, the attackers worked with the victims’ telecom providers to force them to download the app.
Now, with the confirmation of Hermit’s existence, Google has started contacting victims to warn them that they are being targeted. No word on the number of people in question, but given the malware’s potential, we can assume it’s just a handful of high-profile individuals, possibly politicians, journalists, and civil rights activists.
Google also obtained a version of the malware designed for Apple devices and said it abuses the company’s corporate developer certificate to allow the app to load. It took advantage of six new exploits, two of which are zero-days. Apple is already working on a fix for one of them.
Via: TechCrunch