A cloud-based security company, has recently discovered a new spyware called “Hermit” that is capable of affecting both Android and iOS devices.
- Hermit is a commercial spyware that is known to be used by governments with victims in Kazakhstan, Italy and northern Syria.
- The spyware was first detected in Kazakhstan in April 2022 after the government violently suppressed protests against government policies.
- Hermit is a modular spyware that hides its malicious capabilities in packages downloaded after it’s deployed.
- These modules, along with the permissions the core apps have, enable Hermit to exploit a rooted device, record audio and make and redirect phone calls, as well as collect data such as call logs, contacts, photos, device location and SMS messages.
- Hermit tricks users by serving up the legitimate webpages of the brands it impersonates as it kickstarts malicious activities in the background.