A security company from Milan is responsible for developing the Hermit spy software. With the eavesdropping program, it is possible to spy on both Android and iOS users. Internet service providers helped distribute the spyware.
That’s what Google’s Threat Analysis Group (TAG) suggests. In a blog , the cybersecurity experts at the internet company describe the spy software called Hermit.
This is how hackers infect smartphones with Hermit
The spyware was discovered earlier this month by Lookout’s security experts. Google’s security researchers confirm how dangerous the Italian company’s bugging program is. In the eyes of Google, Hermit is proof that commercial parties today are just as good at developing spy software that could previously only be made by experts from governments.
According to the members of TAG, Hermit must be installed manually on smartphones. In all cases known to the research team, victims received a link that redirected them to a malicious page. From there, the rogue application was installed.
Spyware installed via ISP or fake message
If the victims did not fall for this, the hackers would disconnect their target’s mobile phone via Internet Service Providers (ISPs). Once disabled, they sent victims a text message with malicious URL. In it, they were asked to install an application to restore the data connection. In reality, victims infected their cell phones with Hermit.
Once installed, the spyware can download all kinds of modules from its server on its own. This allows cybercriminals to view photos and videos, view call history, listen in on phone calls, record sound, and transmit location information, among other things. Hermit would even try