AndroidMobile

Google warns of a new Italian spyware that accesses iOS and Android

The Google Threat Analysis Group (TAG) has identified the Italian group RCS Lab as a developer of spyware that It exploits zero-day vulnerabilities to perform iOS and Android mobile attacks.

RCS Lab, based in Milan, claims to have subsidiaries in France and Spain, and on its website it lists European government agencies as clients. The company has developed tools to spy on the private data of the attacked devices.

On its website, the company advertises that it offers “Complete lawful interception services, with more than 10,000 intercepted targets handled daily in Europe alone.”

Google’s TAG group, meanwhile, said that has observed spyware campaigns using capabilities it attributes to RCS Lab. Campaigns originate with a unique link sent to the target that, when clicked, attempts to get the user to download and install a malicious app on Android or iOS devices.

This appears to be done, in some cases, by tricking the target device’s mobile carrier into turning off mobile data connectivity, Google said. Subsequently, the user receives an app download link via SMS, supposedly to regain data connectivity.

For this reason, most apps pose as mobile operator apps. When mobile operator involvement is not possible, apps masquerade as messaging apps.


Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button