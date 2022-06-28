Recently, the Google confirmed some rumors regarding extremely dangerous malware on devices android. According to the company, cybersecurity experts Benoit Sevens and Clement Lavigne, from Big Tech’s Threat Analysis Group, correctly warned of the existence of a virus called “Hermit”, or Hermit in Portuguese.

Read more: Hidden in Linux, malware of Chinese origin is very dangerous

The malware is suspected to have been developed by an Italian software development company, Milan-based RCS Lab, and was used by state-sponsored agents to target certain groups in Italy and Kazakhstan.

How does the virus work?

Basically, this is malware surveillance software. Therefore, it can work as spyware. According to experts, it is extremely dangerous as once installed on the device, it can contact your command and control server to collect some data such as photos, SMS, location and even call recording. Therefore, Android users of all versions can have their information and privacy compromised.

Still, you have to go through a process for it to contaminate a smartphone. That’s because the download cannot be done through Google’s official store, the Play Store, as it cannot be found there. In fact, victims are lured into downloads via SMS messages, where attackers use victims’ telecommunication providers to force them to download the application.

In some cases, they worked with ISPs to turn mobile data on and off, prompting them to download the app to regain functionality.

Google answer

The company has started to contact the affected people, but there is still no data on the number of victims or hijacked data. In addition, they also reported the existence of a version of Hermit for Apple devices, and that in the case of iOS, it abuses the corporate developer certificate to allow the download to be done.