HERMIT

1. About Hermit

  • A sophisticated spyware called Hermit is in the news for targeting iPhones and Android devices in Italy and Kazakhstan. Its deployment was first reported by a researcher at Lookout, a San Francisco-based cybersecurity firm.
  • Then, Google’s Threat Analysis Group (TAG) put out a detailed blog post last week explaining how they believed Hermit was being used to target devices.

 

2. Working of Hermit

  • Hermit is spyware along the lines of Pegasus by the NSO Group.
  • Once installed on a device, it can record audio on the device and make unauthorized calls.
  • According to Lookout, the spyware can steal stored account emails, contacts, browser bookmarks/searches, calendar events, etc.
  • It can also take pictures on the device, and steal device information such as details about applications, kernel information, model, manufacturer, OS, security patch, and phone number.
  • The spyware can also upload files from the device, read notifications, and take pictures of the screen. 
  • Further, it can download and install APKs (the app software files on Android) on a compromised phone.

 

3. Deployment of Hermit

  • Sophisticated spyware such as Hermit and Pegasus costs millions of dollars in licensing fees.
  • These tools are not like common malware targeting regular users.
  • In the case of Hermit, it appears the operations used were complex. According to Google’s TAG team, all campaigns started with a unique link sent to the victim’s phone. 
  • When the user clicked it, the page installed the application on both Android and iOS.

 

4. How did Hermit bypass security defences

  • According to Google, the actors targeting the victims possibly had to work with the target’s Internet Service Provider (ISP). Google notes, “We believe the actors worked with the target’s ISP to disable the target’s mobile data connectivity.”
  • Once disabled, the attacker would send a malicious link via SMS asking the target to install an application to recover their data connectivity.
  • According to Lookout, some attacks in Kazakhstan masqueraded as pages for the phone brands Oppo, Samsung and Vivo. 
