TechCrunch: Google is notifying Android users targeted by Hermit government-grade spyware. https://techcrunch.com/2022/06/23/hermit-zero-day-android-spyware/
Image Credits: Bryce Durbin / TechCrunch
Security researchers at Lookout recently tied a previously unattributed Android mobile spyware, dubbed Hermit, to Italian software house RCS Lab. Now, Google threat researchers have confirmed much of Lookout’s findings and are notifying Android users whose devices were compromised by the spyware.
Lookout said that targeted victims are sent a malicious link by text message and tricked into downloading and installing the malicious app — which masquerades as a legitimate branded telco or messaging app — from outside of the app store.
According to a new blog post published Thursday and shared with TechCrunch ahead of its publication, Google said it found evidence that in some cases the government actors in control of the spyware worked with the target’s internet provider to cut their mobile data connectivity, likely as a lure to trick the target into downloading an telco-themed app under the guise of restoring connectivity.