Context
The Threat Analysis Group (TAG) of Google is warning that Hermit, a new spyware originating from an Italian security company is making its way on the Android phone hacking scene.
What is Hermit?
- Hermit is a modular threat that can download additional capabilities from a command and control (C2) server.
Spyware
- Spyware is the term given to a category of software which aims to steal personal or organisational information.
|
- This allows the spyware to access the call records, location, photos, and text messages on a victim’s device.
- Hermit is also able to record audio, make and intercept phone calls, as well as root to an Android device, which gives it full control over its core operating system.
- The spyware can infect both Android and iPhones by disguising itself as a legitimate source, typically taking on the form of a mobile carrier or messaging app.
- Google’s cybersecurity researchers found that some attackers actually worked with ISPs to switch off a victim’s mobile data to further their scheme.
- Bad actors would then pose as a victim’s mobile carrier over SMS and trick users into believing that a malicious app download will restore their internet connectivity.
