Apple and Android phones hacked by Italian spyware, Google says

A man holding a laptop computer as cyber code projected on him in this illustration picture taken on May 13, 2017. REUTERS / Kacper Pempel

Register now for FREE unlimited access to Reuters.com

SAN FRANCISCO, June 23 (Reuters) – An Italian company’s hacking tools were used to spy on Apple Inc. (AAPL.O) and Android smartphones in Italy and Kazakhstan, Alphabet Inc.’s (GOOGL.O) Google said in a report on Thursday.

Milan-based RCS Lab, whose website claims European law enforcement agencies as clients, has developed tools to spy on private messages and contacts of targeted devices, the report said.

European and American regulators have been weighing potential new rules over the sale and import of spyware.

Register now for FREE unlimited access to Reuters.com

“These vendors are enabling the proliferation of dangerous hacking tools and arming governments that would not be able to develop these capabilities in-house,” Google said.

The governments of Italy and Kazakhstan did not immediately respond to requests for comment. An Apple spokeswoman said the company had revoked all known accounts and certificates associated with this hacking campaign.

RCS Lab said its products and services comply with European regulations and help law enforcement agencies investigate crimes.

“RCS Lab personnel are not exposed, nor have any activities been conducted by the relevant customers,” it told Reuters in an email, adding it condemned any abuse of its products.

Google said it had taken steps to protect users of its Android operating system and alerted them about the spyware.

The global industry is developing spyware for governments, with more companies developing interception tools for law enforcement. Anti-surveillance activists accuse them of aiding governments that in some cases use such tools to crack down on human rights and civil rights.

The industry has come under a global spotlight when the Israeli surveillance firm NSO’s Pegasus spyware was found in recent years to be used by multiple governments to spy on journalists, activists, and dissidents.

While RCS Lab’s tool may not be as stealthy as Pegasus, it can still read messages and view passwords, said Bill Marczak, a security researcher with digital watchdog Citizen Lab.

“It shows that even though these devices are ubiquitous, there is still a long way to go in securing them against these powerful attacks,” he added.

On its website, RCS Lab describes itself as a maker of “lawful interception” technologies and services including voice, data collection and “tracking systems.” It says it handles 10,000 intercepted targets daily in Europe alone.

Google researchers found RCS Lab had recently collaborated with the controversial, defunct Italian spy firm Hacking Team, which had similarly created surveillance software for foreign governments to tap into phones and computers.

The hacking team went bust after it became a victim of a major hack in 2015 that led to a disclosure of numerous internal documents.

In some cases, Google said it believed hackers using RCS spyware worked with the target’s Internet service provider, which suggested they had ties to government-backed actors, said Billy Leonard, a senior researcher at Google.

Register now for FREE unlimited access to Reuters.com

Reporting by Zeba Siddiqui in San Francisco; Editing by Jonathan Oatis and David Gregorio

Our Standards: The Thomson Reuters Trust Principles.

General Chat Chat Lounge

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button

Adblock Detected

Please consider supporting us by disabling your ad blocker