Kaspersky Lab uncovers new Android and iOS spying tools Security company Kaspersky Lab has published a new report uncovering previously undiscovered Remote Control System (RCS) Trojans that work on both Android and iOS. Its also mapped their massive international command and control network. The Trojans are part of the allegedly legal spyware tool, RCS, also known as Galileo, developed by the Italian company, HackingTeam. Kasperskys researchers were able to map the presence of more than 320 RCS command and control servers in over 40 countries. The majority of the servers being found in the United States, Kazakhstan, Ecuador, the United Kingdom and Canada. Its been suspected for some time that HackingTeams mobile Trojans for iOS and Android existed. Until now though nobody has actually identified them or noticed them being used in attacks. The list of victims identified by Kaspersky includes activists and human rights advocates, as well as journalists and politicians. The malware is delivered using spear phishing via social engineering -- often coupled with exploits, including zero-days -- and local infections via USB cables while synchronizing mobile devices. The RCS modules are sophisticated and designed to work in a discreet way. They use carefully customized spying capabilities, or special triggers. For example, an audio recording may start only when a victim is connected to a particular Wi-Fi network, or when that person changes the SIM card, or while the device is recharging its battery. The RCS mobile Trojans are capable of performing a variety of surveillance functions, including reporting the targets location, taking photos, copying events from the devices calendar, and registering new SIM cards inserted in the infected device. They can also intercept phone calls and SMS messages, including chat messages sent from specific applications such as Viber, WhatsApp and Skype. For RCS to infect an iPhone it needs to be jailbroken, but Kaspersky warns that non-jailbroken iPhones can become vulnerable too. An attacker can run a jailbreaking tool like Evasi0n via a previously infected computer and conduct a remote jailbreak, followed by the infection. Sergey Golovanov, Principal Security Researcher at Kaspersky Lab says, The presence of these servers in a given country doesnt mean to say they are used by that particular countrys law enforcement agencies. However, it makes sense for the users of RCS to deploy C&Cs in locations they control -- where there are minimal risks of cross-border legal issues or server seizures. betanews/2014/06/24/kaspersky-lab-uncovers-new-android-and-ios-spying-tools/
Posted on: Thu, 26 Jun 2014 12:54:56 +0000
Trending Topics
Recently Viewed Topics
© 2015