Thousands of phones — running Android and iOS are at risk of getting hacked into by spyware developed by an Italian firm.
As part of their effort to make Android phones more secure — Google’s Threat Analysis Group (opens in new tab) (TAG) publishes reports on vulnerabilities that are spotted around the world. TAG has now reported that Milan based RCS Labs had come up with tools to spy on private messages, passwords and contacts of users. These tools are now being used to spy on the phones of people based in Italy and Kazakhstan.
How would you know if this was attacking your phone? Well, TAG reports that the spyware uses a combination of clever tactics to enter a user's phone. This includes trying to get users to download a malicious app on either Android or iOS or sometimes disables the users data via their carrier before sending a malicious link via text to get them to ‘fix’ the issue.
Strangely enough, RCS Labs’ website (opens in new tab) claims that they have European law enforcement agencies as clients. Google said that the big problem is that they are “enabling the proliferation of dangerous hacking tools and arming governments that would not be able to develop these capabilities in-house.” European and American regulators have been deciding new rules against the sale and purchase of spyware.
Spyware like that of RCS Labs can be dangerous especially when it falls into the wrong hands. This is also not the first time a spyware firm has been found hacking into phones. Israeli firm NSO’s Pegasus spyware was found to be spying on journalists and activists by many different governments around the world. RCS’ spyware doesn’t seem as dangerous or widespread as Pegasus though.
In an email to Reuters, RCS Labs mentioned that they condemned any abuse of its products and insisted that they are used to help law enforcement agencies investigate crimes.
An Apple spokesperson said that the company had revoked all accounts and certificates associated with this hacking campaign. Apple has patched each of the iOS exploits used, so you should be safe if you have at least iOS 15.2.
Google has ramped up its defenses and mentioned that they have informed the affected users in both Italy and Kazakhstan.
There might be little reason to worry though. The attack does not seem widespread and there is no indication users beyond those countries have been affected.
The hack is a good reminder to keep installing security patches on your Android or iPhone. Spyware is something everyone should be aware of to avoid falling victim to. You can also download the best Android antivirus apps to keep spyware at bay.