• Home
  • Politics
  • News
  • Business
  • Health
  • Entertainment
  • Sports
  • Lifestyle
  • Education
  • Opinion
Saturday, 1 April, 2023
  • Login
topfmonline.com
 
  • Home
  • News
  • Politics
  • Business
  • Entertainment
  • Health
  • Lifestyle
  • Sports
  • Education
  • Technology
  • Foreign
No Result
View All Result
topfmonline.com
No Result
View All Result
Home Technology

Apple revokes certificates for spyware app ‘Hermit’ distributed outside the App Store

TOPFM NEWS by TOPFM NEWS
June 28, 2022
in Technology
A A
0
Apple revokes certificates for spyware app ‘Hermit’ distributed outside the App Store
0
SHARES
0
VIEWS
Share on FacebookShare on Twitter

Google’s Threat Analysis Group (TAG), a group that specializes in tracking and analyzing government-backed hacking and attacks, recently published research on “Hermit” – a spyware that can compromise Android and iOS devices. Luckily, Apple has already found a way to stop the spread of this specific spyware on its devices.

As shared on TAG’s official blog (via TechCrunch), the group has confirmed the existence of the Hermit spyware, which was created by Italian software company RCS Lab to attack iOS and Android users. On both platforms, the spyware was distributed outside of the App Store and Google Play thanks to the sideload process.

More specifically, the attackers send a text message with a malicious link tricking and convincing victims to download and install the app. While Android lets any user easily install apps from outside the App Store, the process on iOS is a bit more complex – but still not impossible.

Since Apple offers special certificates for companies to distribute enterprise apps to their employees outside of the App Store, RCS distributed its fake app to iOS users as an enterprise app. The spyware was masquerading as a legitimate telecom or messaging app. These apps run under the same sandbox rules as App Store apps, so they can’t access internal system files or user data without permission.

However, since enterprise apps are not reviewed by Apple, it’s easier for them to take advantage of exploits found in iOS. Once spyware is installed on the victim’s device, it can capture audio from the microphone, redirect phone calls, collect photos, messages, emails, and even the current location of the device.

Research has identified victims of the spyware in Italy and Kazakhstan, while Lookout (the first company to report Hermit spyware) says it has also been used in Syria.

Who are the targets of Hermit spyware?

At this point, the specific targets of the Hermit spyware remain unclear, but there’s evidence that RCS Lab has been selling the spyware to “government-backed actors.” Hermit is probably used in a similar way to NSO Pegasus spyware, which lets authoritarian governments surveil journalists, political opponents, activists, and human rights defenders.

Even if these spywares are not aimed at regular users, their existence is still a huge threat to people’s security and privacy. Last year, Apple filed a lawsuit against the NSO Group with the allegation that the organization spends millions of dollars to break the iOS security system and put users in danger.

Apple has stopped the spread of Hermit spyware

For now, Apple has found a way to stop the spread of Hermit spyware. A company spokesperson said that all known accounts and certificates associated with the spyware have been revoked, so the malicious app can no longer be distributed outside of the App Store.

Of course, this doesn’t mean that iOS users are completely safe from the threat. Just like NSO Group, RCS Lab can still find another way to exploit iOS to distribute their spyware. The best advice for any smartphone user is to never click on unknown links and never install apps from a source you don’t know.

Related Posts

TikTok launches an elections hub in Kenya ahead of General Elections

TikTok launches an elections hub in Kenya ahead of General Elections

July 15, 2022
10
Facebook to allow up to five profiles tied to one account

Facebook to allow up to five profiles tied to one account

July 15, 2022
4
Source: Filipe Espósito
Via: 9to5mac
Tags: Apple revokes certificates for spyware app 'Hermit' distributed outside the App Store
Previous Post

US kills ‘senior leader’ of al-Qaeda-linked group in Syria

Next Post

Meta introduces Instagram Reels APIs for developers

Related Posts

TikTok launches an elections hub in Kenya ahead of General Elections
Technology

TikTok launches an elections hub in Kenya ahead of General Elections

July 15, 2022
10
Facebook to allow up to five profiles tied to one account
Technology

Facebook to allow up to five profiles tied to one account

July 15, 2022
4
Microsoft releases tweet-size exploit for macOS sandbox escape bug
Technology

Microsoft releases tweet-size exploit for macOS sandbox escape bug

July 14, 2022
9
Final Android 13 beta arrives ahead of its official launch ‘in the weeks ahead’
Technology

Final Android 13 beta arrives ahead of its official launch ‘in the weeks ahead’

July 14, 2022
2
Ex-CIA engineer Joshua Schulte convicted over massive data leak
Technology

Ex-CIA engineer Joshua Schulte convicted over massive data leak

July 14, 2022
2
Samsung Galaxy Z Fold 4 with model name SM-F936U certified by FCC
Technology

Samsung Galaxy Z Fold 4 with model name SM-F936U certified by FCC

July 13, 2022
2
Next Post
Meta introduces Instagram Reels APIs for developers

Meta introduces Instagram Reels APIs for developers

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

BROWSE BY CATEGORIES

  • Business
  • Education
  • Entertainment
  • Foreign
  • Health
  • Lifestyle
  • News
  • Opinion
  • Politics
  • Sports
  • Technology
  • Uncategorized

BROWSE BY TOPICS

2022 Budget Afghanistan akufo addo Amazon Apiate explosion apple AT&T Black Stars covid COVID-19 COVID 19 E-Levy facebook Fuel Ghana Police Service Google Government health Intel iphone Mahama Majority Microsoft Minority momo NDC news NLC NPP Nvidia OMICRON Parliament police Russia security South Africa Taliban tech Tesla twitter US UTAG vaccine vaccines Xinjiang

Recent Posts

  • New revenue bills approval: Your walkout won’t affect us – Majority tells minority
  • Bawumia Must Win (BMW) Agenda Campaign Launched
  • Prove Seth Terkper’s authorisation for Letters of Credits – Judge tells Ato Forson
  • We’ll vote against govt’s new tax bills – Mahama Ayariga
  • ECG releases nationwide ‘Dumsor’ timetable

Recent Comments

No comments to show.

RECENT NEWS

  • New revenue bills approval: Your walkout won’t affect us – Majority tells minority March 31, 2023
  • Bawumia Must Win (BMW) Agenda Campaign Launched March 31, 2023
  • Prove Seth Terkper’s authorisation for Letters of Credits – Judge tells Ato Forson March 31, 2023
  • We’ll vote against govt’s new tax bills – Mahama Ayariga March 31, 2023

MAIN CATEGORIES

  • Business
  • Education
  • Entertainment
  • Foreign
  • Health
  • Lifestyle
  • News
  • Opinion
  • Politics
  • Sports
  • Technology
  • Uncategorized

Entertainment

US Veep Kamala Harris hails impact of medical drone delivery in Ghana
Health

US Veep Kamala Harris hails impact of medical drone delivery in Ghana

4 days ago
1
  • ABOUT US
  • CONTACT
  • ADVERTISE

© 2023 Top Media Group - Powered by BackUp Data Systems

No Result
View All Result
  • Home
  • Politics
  • News
  • Business
  • Health
  • Entertainment
  • Sports
  • Lifestyle
  • Education
  • Opinion

© 2023 Top Media Group - Powered by BackUp Data Systems

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In