Hermit spyware was first detected in Kazakhstan in April at a time when the government there tried to suppress voices against its policies violently.
In another case of cyber crime, a latest sophisticated spyware Hermit is believed to have targeted iPhones and Android devices in Kazakhstan and Italy. Experts suggest, the new spyware has been developed by an Italian vendor called RCS Lab and this comes on the lines of Pegasus. The Pegasus spyware by NSO Group can be deployed on a phone to control and track data from major applications.
The Hermit spyware was reported by a San Francisco-based cybersecurity firm. Google and Lookout have confirmed that Hermit is a commercial spyware that is known to be used by governments with victims in Kazakhstan, Italy and northern Syria, recent report by TechCrunch said.
Read | J-K IAS officer used as pawn to defraud friends, colleagues by cyber criminals
The Hermit spyware was first detected in Kazakhstan in April at a time when the government there tried to suppress voices against its policies violently. Speculations are also rife that this spyware was used in northeastern Kurdish region of Syria and by Italian authorities as part of an anti-corruption investigation.
How it launches its attack?
Lookout and TAG allege that the malicious team behind Hermit spyware is Italy-based spyware vendor RCS Labs. Once the victim unwittingly downloads the malicious software, the criminals can gain access to location, photos, call records and text messages of the victim. The hackers can also intercept phone calls (and make them, too). They can also record audio with the victim's device.
Once Hermit spyware is installed on Android or iOS devices, it can record audio on the device and perform unauthorised activities and calls. As per the report, the spyware can steal stored details such as account emails, browser bookmarks, contacts, calendar events among other things.
According to TAG, in situations where ISPs are not involved, Hermit spyware masquerades as a messaging app instead like WhatsApp. Hermit is capable of downloading and installing APK as well on the compromised device. It can upload files from the device, take pictures of the screen and read notifications.
The spyware can also get root access or privileged access to the Android system. Moreover, it can silently install or uninstall WhatsApp and Telegram and steal data from the installed apps.
How to spot Hermit spyware?
If you receive a fishy text after your mobile data unexpectedly turns off, it could be a hacker pretending to be a trusted entity. And of course, if you stumble upon a page similar to the screenshot posted above, don't fall for it. If you do, your device may be in grave danger.
the Hermit iOS app corrupts Apple enterprise developer certificates and allows the spyware to be sideloaded on a victim’s device from outside the app store. According to The Verge, Apple revoked all known accounts and certificates associated with Hermit. As for Google, it pushed a Google Play Protect update to all users.
How to stay protected?
Follow basic tips and make sure to update phones regularly and each update includes a security patch to keep unknown vulnerabilities at the bay.
It is also important to stay away from clicking unknown links and is recommended to review the apps installed on the device periodically.
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}
 "What's Hermit spyware that targets smartphones?")
){kind=small}
){kind=small}
){kind=small}
){kind=small}
)
){kind=small}
){kind=small}
)
)
)
)
)
){kind=small}
){kind=small}
){kind=small}
){kind=small}
){kind=small}