Security company Lookout published a report last week detailing how a Kazakhstan government entity used spyware developed by Italian company RCS Lab against protestors. The government entity leveraged the enterprise grade spyware against domestic targets via brand impersonation that tricked recipients into clicking on malicious links. The spyware used has been dubbed Hermit and is an advanced, modular program. RCS Lab is a well-known Italian company that specializes in digital surveillance methods and software. Hermit can collect data, record conversations, and make calls, according to researchers.
Researchers state that the timing of the spyware operation is also significant, as anti-government protests and security forces met in violent crashes across Kazakhstan in early 2022. Local reports believe that roughly 227 individuals died and another 10,000 were arrested during the clashes. Four months later, researchers discovered the latest samples of Hermit targeting some of the activists and protestors involved. The spyware installation requires the victim to open an infected SMS message and click the link to the hijacked page.
Read More: Kazakh Govt. Used Spyware Against Protesters