(San Francisco) Software from an Italian company specializing in communications surveillance has been used to hack smartphones to spy on users in Italy and Kazakhstan, according to Google, which condemns a “burgeoning” spyware industry.
Posted at 16:01
“These companies facilitate the proliferation of dangerous hacking tools and arm governments that otherwise would not be able to develop these skills,” the tech giant said in a statement Thursday.
Google engineers explain that the victims, users of Android (Google) and iOS (Apple) smartphones, received a link to install malicious applications, which then allow them to spy on their activity on their mobile or extract documents.
In some cases, hackers act with the complicity of Internet providers and the applications resemble those of operators. Otherwise they pretend to be messengers, like WhatsApp.
According to Google, the software used is that of RCS Lab, an Italian company that “provides advanced technological solutions to security services for surveillance of communications,” according to its website. He did not react immediately to a request from the AFP.
The California-based group, which has identified victims in Italy and Kazakhstan, says it has warned users of infected Android devices and “made changes” to protect all users.
Apple, for its part, told AFP that it has also taken measures against hackers.
In September, the iPhone manufacturer had to urgently repair a computer defect that Pegasus, the spyware of the Israeli company NSO, was able to exploit to infect the brand’s smartphones without even resorting to trapped links or buttons.
According to several associations that uncovered the Pegasus mass espionage scandal last July, tens of thousands of phones have been infected, including those of members of the French government.
Google engineers, who follow more than 30 companies in the industry, say the spyware industry is “thriving and growing fast.”
“Our research shows the extent to which spyware vendors have popularized these tools that have historically been used only by governments,” they explain in detail. “It makes the Internet less secure and threatens the trust users need.”
They also point out that these tools, even legal under international law, are often used by governments for undemocratic purposes, in particular to target political activists, journalists or human rights defenders.