Apple and Android phones hacked by Italian spyware, Google says

A man holds a laptop computer as cybercode is projected onto him in this illustrative photo taken May 13, 2017. REUTERS/Kacper Pempel

Join now for FREE unlimited access to Reuters.com

SAN FRANCISCO, June 23 (Reuters) – Hacking tools from an Italian company have been used to spy on Apple Inc. (AAPL.O) and Android smartphones in Italy and Kazakhstan, Alphabet Inc. (GOOGL.O) Google said in a report Thursday.

Milan-based RCS Lab, whose website claims European law enforcement agencies as clients, has developed tools to spy on the private messages and contacts of targeted devices, according to the report.

European and US regulators have been weighing potential new rules on the sale and import of spyware.

Join now for FREE unlimited access to Reuters.com

“These vendors enable the proliferation of dangerous hacking tools and arm governments that may not be able to develop these capabilities internally,” Google said.

The Italian and Kazakh governments did not immediately respond to requests for comment. An Apple spokesperson said the company has revoked all known accounts and certificates associated with this hacking campaign.

RCS Lab said its products and services comply with EU rules and help law enforcement investigate crimes.

“RCS Lab personnel are not exposed to or involved in any activity conducted by affected customers,” he told Reuters in an email, adding that he condemns any misuse of its products.

Google said it took steps to protect users of its Android operating system and alerted them to spyware.

The global government spyware industry has grown, with more and more companies developing interception tools for law enforcement. Anti-surveillance activists accuse them of aiding governments, which in some cases use such tools to suppress human and civil rights.

The industry was in the global spotlight when Israeli surveillance company NSO’s Pegasus spyware was found in recent years to have been used by several governments to spy on journalists, activists and dissidents. .

While RCS Lab’s tool may not be as stealthy as Pegasus, it can still read messages and show passwords, said Bill Marczak, security researcher with digital watchdog Citizen Lab.

“It shows that even though these devices are ubiquitous, there is still a long way to go to protect them against these powerful attacks,” he added.

On its website, RCS Lab describes itself as a maker of “lawful interception” technologies and services, including voice, data collection, and “tracking systems.” He says he processes 10,000 intercepted targets daily in Europe alone.

Google researchers found that RCS Lab once collaborated with the controversial and defunct Italian spy firm Hacking Team, which also created surveillance software that allowed foreign governments to exploit phones and computers.

Hacking Team went bankrupt after being the victim of a major hack in 2015 which led to the disclosure of numerous internal documents.

In some cases, Google said it believed hackers using RCS spyware were working with the target’s internet service provider, suggesting they had ties to government-backed actors, Billy said. Leonard, senior researcher at Google.

Join now for FREE unlimited access to Reuters.com

Reporting by Zeba Siddiqui in San Francisco; edited by Jonathan Oatis and David Gregory

Our standards: The Thomson Reuters Trust Principles.

Leave a Comment