Google has warned its customers that an enterprise grade spyware strain is targeting both Android and iOS mobile device users in a recent Google Threat Analysis Group announcement. The spyware variant is reportedly in active circulation, according to the security team. Google has thus far identified victims in Italy and Kazakhstan. The spyware has been named Hermit and is described as modular surveillance-ware. Lookout cybersecurity states that the malware attempts to root devices and has a large arsenal of malicious capabilities, including recording audio, making or redirecting phone calls, stealing information such as SMS messages, call logs, contact lists, photos, and more, and exfiltrating GPS data.
Lookout released an analysis roughly a week ago suggesting that the spyware is delivered via malicious SMS messages. Google’s security team came to a similar conclusion, adding that unique links are sent to a target by a contact masquerading as an internet service provider in order to lure victims into opening links. In Lookout’s previous analysis, only an Android version of Hermit was included. However, Google has now added an iOS sample to the investigation. Neither of the samples were detected in official Google or App Store repositories.
Read More: Google details commercial spyware that targets both Android and iOS devices