This Android malware is so dangerous, even Google is worried

Google flags worrying effects to Android victims

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Googlehas confirmed reports of the existence of an extremely potentAndroid malware, and notified victims that they’re being targeted.

In ablog post, Benoit Sevens, and Clement Lecigne of the company’s Threat Analysis Group said cybersecurity researchers from Lookout were right when they discovered, and warned users, of the existence of a dangerous Androidviruscalled Hermit.

Hermit is allegedly built by an Italian software development company RCS Lab, and was initally used by state-sponsored actors to target certain individuals both in Italy and in Kazakhstan.

Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at theend of this surveyto get the bookazine, worth $10.99/£10.99.

Extremely potent malware

Themalwareis extremely potent, and once installed on the device, can reach out to its command & control (C2) server to pick up numerous modules, including call loggers, audio recorders (both ambient and phone calls), photo and video harvesters, SMS and email readers, and location trackers.

Hermit works on all versions of Android, and is even capable of rooting the device to grant itself even more privileges.

Still, the app needs to be downloaded onto the device. That can’t be done via Google’s official Android repository, because it can’t be found there. Instead, the victims are lured into downloading the app via phishing SMS messages and according toTechCrunch, the attackers worked with the victims’ telecommunications providers to force them into downloading the app.

This Android malware could leave your wallet pretty empty>Beware - another dangerous Android malware has had millions of downloads from the Google Play Store>That Android antivirus could actually be malware

Now, as the existence of Hermit is confirmed, Google started reaching out to victims to warn them that they’re being targeted. No word on the number of people in question, but given the potential of the malware, we can assume it’s only a handful of high-profile individuals, possibly politicians, journalists, and civil rights activists.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Google has also obtained a version of the malware designed forAppledevices, and said it abuses the company’s enterprise developer certificate to allow the app to be sideloaded. It leveraged six new exploits, two of which arezero-days. Apple is already working on a fix for one of them.

Via:Tech Crunch

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Cisco issues patch to fix serious flaw allowing possible industrial systems takeover

Washington state court systems taken offline following cyberattack

Lego will let you build Sir Ernest Shackleton’s iconic lost ship, the Endurance, in its next Icons set