A naukri.com initiative
TechCrunch
1M
181
Image Credit: TechCrunch
Spyware maker caught distributing malicious Android apps for years
- Italian spyware maker SIO has been distributing malicious Android apps, disguised as popular apps like WhatsApp, to steal private data from targets.
- Security researchers confirmed that the spyware, called Spyrtacus, can steal messages, data, record calls, and capture audio and images.
- SIO sells spyware to the Italian government, targeting individuals through these malicious apps posing as legitimate services.
- The spyware campaign involved distributing phony apps related to popular cellphone providers and bypassing Google Play Store detection.
- Google confirmed no Spyrtacus-containing apps are on Google Play since 2022 and described the spyware's use as part of a 'highly targeted campaign.'
- SIO joins a legacy of Italian spyware companies like Hacking Team, with SIO's Spyrtacus detected in the wild since 2019.
- SIO is linked to ASIGINT, associated with command-and-control servers managing Spyrtacus, alongside other Italian spyware makers like Cy4Gate.
- The Spyrtacus spyware reveals traces of Neapolitan origin, hinting at developers from the Naples region behind its creation.
- Italian spyware companies have previously left regional clues in their spyware, as seen with eSurv, another Calabrian spyware maker.
- Unanswered questions remain about the government customer behind Spyrtacus and the targets affected by this malicious spyware.
Read Full Article
10 Likes
For uninterrupted reading, download the app