‘Hermit’ spyware
- June 25, 2022
- Posted by: OptimizeIAS Team
- Category: DPN Topics
Subject: Science and Technology
Section: Awareness in the field of technology
- Hermit is a commercial spyware known to be used by governments, with victims in Kazakhstan, northern Syria and Italy, according to Lookout and Google.
- The spyware uses various modules, which it downloads from its command and control servers as they are needed, to collect call logs, record ambient audio, redirect phone calls and collect photos, messages, emails and the device’s precise location from a victim’s device.
- Hermit, which works on all Android versions, also tries to root an infected Android device, granting the spyware even deeper access to the victim’s data.
- Targeted victims are sent a malicious link by text message and tricked into downloading and installing the malicious app — which masquerades as a legitimate branded telco or messaging app — from outside of the app store.
- There is evidence that in some cases the government actors in control of the spyware worked with the target’s internet provider to cut their mobile data connectivity, likely as a lure to trick the target into downloading a telco-themed app under the guise of restoring connectivity.
- Hermit is the latest government-grade spyware known to be deployed by state agencies.
- Although it’s not known who has been targeted by governments using Hermit, similar mobile spyware developed by hacking-for-hire companies, like NSO Group and Candiru, has been linked to surveillance of journalists, activists and human rights defenders.
- Hermit spyware is also targeting iPhones, which previously it was unable to do.
- The Hermit iOS app, which abuses Apple enterprise developer certificates so that the spyware can be sideloaded on a victim’s device from outside of the app store, is packed with six different exploits, two of which were never-before-seen vulnerabilities (zero-days) at the time of their discovery.