• Home
  • Politics
  • News
  • Business
  • Health
  • Entertainment
  • Sports
  • Lifestyle
  • Education
  • Opinion
Monday, 15 August, 2022
  • Login
topfmonline.com
 
  • Home
  • News
  • Politics
  • Business
  • Entertainment
  • Health
  • Lifestyle
  • Sports
  • Education
  • Technology
  • Foreign
No Result
View All Result
topfmonline.com
No Result
View All Result
Home Technology

Apple revokes certificates for spyware app ‘Hermit’ distributed outside the App Store

TOPFM NEWS by TOPFM NEWS
June 28, 2022
in Technology
A A
0
Apple revokes certificates for spyware app ‘Hermit’ distributed outside the App Store
0
SHARES
0
VIEWS
Share on FacebookShare on Twitter

Google’s Threat Analysis Group (TAG), a group that specializes in tracking and analyzing government-backed hacking and attacks, recently published research on “Hermit” – a spyware that can compromise Android and iOS devices. Luckily, Apple has already found a way to stop the spread of this specific spyware on its devices.

As shared on TAG’s official blog (via TechCrunch), the group has confirmed the existence of the Hermit spyware, which was created by Italian software company RCS Lab to attack iOS and Android users. On both platforms, the spyware was distributed outside of the App Store and Google Play thanks to the sideload process.

More specifically, the attackers send a text message with a malicious link tricking and convincing victims to download and install the app. While Android lets any user easily install apps from outside the App Store, the process on iOS is a bit more complex – but still not impossible.

Since Apple offers special certificates for companies to distribute enterprise apps to their employees outside of the App Store, RCS distributed its fake app to iOS users as an enterprise app. The spyware was masquerading as a legitimate telecom or messaging app. These apps run under the same sandbox rules as App Store apps, so they can’t access internal system files or user data without permission.

However, since enterprise apps are not reviewed by Apple, it’s easier for them to take advantage of exploits found in iOS. Once spyware is installed on the victim’s device, it can capture audio from the microphone, redirect phone calls, collect photos, messages, emails, and even the current location of the device.

Research has identified victims of the spyware in Italy and Kazakhstan, while Lookout (the first company to report Hermit spyware) says it has also been used in Syria.

Who are the targets of Hermit spyware?

At this point, the specific targets of the Hermit spyware remain unclear, but there’s evidence that RCS Lab has been selling the spyware to “government-backed actors.” Hermit is probably used in a similar way to NSO Pegasus spyware, which lets authoritarian governments surveil journalists, political opponents, activists, and human rights defenders.

Even if these spywares are not aimed at regular users, their existence is still a huge threat to people’s security and privacy. Last year, Apple filed a lawsuit against the NSO Group with the allegation that the organization spends millions of dollars to break the iOS security system and put users in danger.

Apple has stopped the spread of Hermit spyware

For now, Apple has found a way to stop the spread of Hermit spyware. A company spokesperson said that all known accounts and certificates associated with the spyware have been revoked, so the malicious app can no longer be distributed outside of the App Store.

Of course, this doesn’t mean that iOS users are completely safe from the threat. Just like NSO Group, RCS Lab can still find another way to exploit iOS to distribute their spyware. The best advice for any smartphone user is to never click on unknown links and never install apps from a source you don’t know.

Related Posts

TikTok launches an elections hub in Kenya ahead of General Elections

TikTok launches an elections hub in Kenya ahead of General Elections

July 15, 2022
3
Facebook to allow up to five profiles tied to one account

Facebook to allow up to five profiles tied to one account

July 15, 2022
0
Source: Filipe Espósito
Via: 9to5mac
Tags: Apple revokes certificates for spyware app 'Hermit' distributed outside the App Store
Previous Post

US kills ‘senior leader’ of al-Qaeda-linked group in Syria

Next Post

Meta introduces Instagram Reels APIs for developers

Related Posts

TikTok launches an elections hub in Kenya ahead of General Elections
Technology

TikTok launches an elections hub in Kenya ahead of General Elections

July 15, 2022
3
Facebook to allow up to five profiles tied to one account
Technology

Facebook to allow up to five profiles tied to one account

July 15, 2022
0
Microsoft releases tweet-size exploit for macOS sandbox escape bug
Technology

Microsoft releases tweet-size exploit for macOS sandbox escape bug

July 14, 2022
2
Final Android 13 beta arrives ahead of its official launch ‘in the weeks ahead’
Technology

Final Android 13 beta arrives ahead of its official launch ‘in the weeks ahead’

July 14, 2022
1
Ex-CIA engineer Joshua Schulte convicted over massive data leak
Technology

Ex-CIA engineer Joshua Schulte convicted over massive data leak

July 14, 2022
0
Samsung Galaxy Z Fold 4 with model name SM-F936U certified by FCC
Technology

Samsung Galaxy Z Fold 4 with model name SM-F936U certified by FCC

July 13, 2022
1
Next Post
Meta introduces Instagram Reels APIs for developers

Meta introduces Instagram Reels APIs for developers

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

BROWSE BY CATEGORIES

  • Business
  • Education
  • Entertainment
  • Foreign
  • Health
  • Lifestyle
  • News
  • Opinion
  • Politics
  • Sports
  • Technology
  • Uncategorized

BROWSE BY TOPICS

2022 Budget AFCON Afghanistan akufo addo Amazon Apiate explosion Appiate apple AT&T Bawumia speaks on the Economy Biden Black Stars covid COVID-19 COVID 19 E-Levy facebook Ghana Police Service Google Hackers health Intel iphone Microsoft NLC Nvidia OMICRON Parliament police Russia Samsung security South Africa Taliban tech TESCON Tesla Trump twitter US UTAG vaccine Verizon Windows 11 Xinjiang

Recent Posts

  • We’re doing as much as we can to revive Ghana’s economy – IMF 
  • Selected KNUST students to get funding to develop problem-solving modules 
  • TikTok launches an elections hub in Kenya ahead of General Elections
  • Facebook to allow up to five profiles tied to one account
  • Ukraine war crimes investigation receives support of 45 nations

Recent Comments

No comments to show.

RECENT NEWS

  • We’re doing as much as we can to revive Ghana’s economy – IMF  July 15, 2022
  • Selected KNUST students to get funding to develop problem-solving modules  July 15, 2022
  • TikTok launches an elections hub in Kenya ahead of General Elections July 15, 2022
  • Facebook to allow up to five profiles tied to one account July 15, 2022

MAIN CATEGORIES

  • Business
  • Education
  • Entertainment
  • Foreign
  • Health
  • Lifestyle
  • News
  • Opinion
  • Politics
  • Sports
  • Technology
  • Uncategorized

Entertainment

TOP FM enters Mallam Atta market with “Apomuden” Festival
Business

TOP FM enters Mallam Atta market with “Apomuden” Festival

5 months ago
6
  • ABOUT US
  • CONTACT
  • ADVERTISE

© 2022 Top Media Group - Powered by BackUp Data Systems

No Result
View All Result
  • Home
  • Politics
  • News
  • Business
  • Health
  • Entertainment
  • Sports
  • Lifestyle
  • Education
  • Opinion

© 2022 Top Media Group - Powered by BackUp Data Systems

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In