Freeware Files | Download Free Software

Wednesday, 25 June 2014 14:09

Researchers reveal mobile malware tools governments use to spy on phones

Rate this item
(0 votes)

Governments are increasingly using spyware for mobile devices to monitor targets, raising questions over the possible misuse of such tools, a new study suggests.

The Citizen Lab, part of the Munk School of Global Affairs at the University of Toronto, and Kaspersky Lab both published analyses on Tuesday of a surveillance product called Remote Control System (RCS) from Hacking Team in Italy.

Hacking Team is one of a handful of companies, including the Gamma Group, specializing in what are essentially malicious software programs designed to intercept data but intended for governments and law enforcement.

The Citizen Lab has long expressed concern in other published research over the use of the tools by governments, which it has concluded have been employed to suppress speech and monitor political opponents in the past.

Over time, the cost of the spying toolkits has fallen and they are now within reach of nearly all governments, the Citizen Lab said in its writeup.

“By dramatically lowering the entry cost on invasive and hard-to-trace monitoring, the equipment lowers the cost of targeting political threats for those with access to Hacking Team and Gamma Group toolkits,” the group wrote.

The latest research looks into the exploitation techniques for an Android component of RCS and the command-and-control infrastructure behind it.

hacking-team

The Remote Control System, from an Italian security company called Hacking Team, is designed in part to help law enforcement and governments monitor the mobile devices of targets.

The Citizen Lab identified a suspicious Android APK (application installation package) that was a functional copy of the news application “Qatif Today” intended for people in Saudi Arabia. A version of it had been modified to also deliver a payload created by Hacking Team.

A link to what appeared to the malicious APK was tweeted, which led to a Dropbox file that is now gone, The Citizen Lab wrote. If installed, the Hacking Team module requests permissions such as reading and writing SMSes, monitoring GPS location and the ability to process calls.

The Citizen Lab found other Android Hacking Team Android implants that tried to access local stores of chats in applications such as Facebook, Viber, Skype, Line and QQ.

A source leaked to The Citizen Lab a group of documents that describes how the RCS works, giving the research group broad insight into how tracking targets works. The group cautioned the documents have not been verified, but the information did not contradict its own RCS research.

Kaspersky Lab wrote on its blog that it uncovered “a huge infrastructure that is used to control the RCS malware implants.”

Kaspersky scanned the entire IPV4 Internet address space, using a special “fingerprinting” method it developed that can identify RCS command-and-control servers.

It found 64 RCS command-and-control servers in the U.S., the most of any country, followed by 49 in Kazakhstan, 35 in Ecuador and 24 in the U.K. Other countries with double-digit numbers of control servers included Canada, China and Colombia.

Some of the IP addresses connected with those servers appeared to be government owned, Kaspersky said. It’s unlikely law enforcement agencies would locate those command servers in other countries “in order to avoid cross-border legal problems and the seizure of servers,” the company wrote.

Source

Subscribe via RSS or Email:

 
Read 1433 times Last modified on Wednesday, 25 June 2014 19:25
  1. Latest News
  2. Most Popular
  3. Top Rated
  4. Latest Comments
  • Michael A
    Why they do not shut down the company that provides the faulty patchwork systems that make such malware first possible? No, not because of a faulty ...

    Read more...

     
  • Moubreb
    The people at any router between You and facebook can read Your communication if: 1. You're using an http: connection 2. A fake facebook certificate ...

    Read more...

     
  • theoctagon
    You could always just use what's already baked in: Android Device Manager. https://www.google.com/android/devicemanager

    Read more...

     
  • Michael A
    AFAIR the patch was available one day after the discovery of heartbleed. That normal with Free Software. Only mislead users of commercial scrap have ...

    Read more...

next
prev

Quick Search

Powered by Liquidtroll
Prev Next

Skype catches up with Google Hangouts as group video calling goes free

28-04-2014 Hits:733 Social Networks Vasia L. - avatar Vasia L.

Skype catches up with Google Hangouts as group video calling goes free

Just as it promised, Skype has announced that group video calling will now be completely free of charge. The feature, which lets up to 10 people participate in video calling, is...

It is not necessary to buy a new PC for Windows 8

13-10-2012 Hits:1654 Microsoft Panagiotis K. - avatar Panagiotis K.

It is not necessary to buy a new PC for Windows 8

Having learned the lesson ... on the hard way, with Windows Vista, Microsoft has assured the public that the upcoming Windows 8 do not require the purchase of a new...

Hacker claim about bug in post-Heartbleed OpenSSL encryption likely a scam

14-05-2014 Hits:1409 Hacking Panagiotis K. - avatar Panagiotis K.

Hacker claim about bug in post-Heartbleed OpenSSL encryption likely a scam

Security experts have expressed doubts about a hacker claim that there’s a new vulnerability in the patched version of OpenSSL, the widely used cryptographic library repaired in early April. A group...

A Malware that lives exclusively in the computer's RAM

19-03-2012 Hits:3094 Security George Q - avatar George Q

A Malware that lives exclusively in the computer's RAM

Researchers from Kaspersky Labs have identified an unusual type of malware that is of particular interest.  It is a trojan which is a fundamental innovation which is not installed on the...

Ubisoft: Assassin's Creed 3

10-04-2013 Hits:1367 Games Panagiotis K. - avatar Panagiotis K.

Ubisoft: Assassin's Creed 3

The Assassin's Creed III is the third official capital of the homonymous series and fifth overall game was released for PC and consoles. After three episodes of Assassin's Creed II, Ubisoft...