Governments using tools to hijack Smartphones
As we all know we live in an unfair world with hidden dictatorships by our own governments. We have to abide by the rules and we will be liable if we do not, but when it comes to the government itself; they do not know anything about it and they never want to!
The National Security Agency (NSA) and FBI are using spyware to access a suspect’s phone for, as they claim, the purpose of surveillance. This has been found by researchers from the Citizen Lab at the Munk School of Global Affairs at the University of Toronto and computer security firmKaspersky Lab.
For what can the malware be used?
The malware named RCS, Remote Control System, is developed by an Italian IT company known as “Hacking Team”. They sell the RCS to governments and law enforcements. The RCS can already be used for desktop computers, laptops and all kinds of jailbroken and non- jailbroken Smartphones, like Apple, Android, Windows, Symbian and Blackberry. The malware installs with the help of an Evasi0n jailbreaking tool.
Both researchers have recently presented their findings during an event in London. The outcomes were astonishing; the size of the command infrastructure supporting Hacking Team is increasing very fast with already 326 command-and-control (C&C) servers running in more than 40 countries.
“It was a well-known fact for quite some time that the HackingTeam products included malware for mobile phones. However, these were rarely seen,” said Kaspersky Lab experts on the blog post. “In particular, the Android and iOS Trojans have never been identified before and represented one of the remaining blank spots in the story.”
Worldwide usage of C&C servers
Researchers of Kaspersky Lab have scanned the entire IPv4-space by using a fingerprinting method to identify the IP addresses of RCS Command & Control servers around the world and they found the biggest host in United States with 64 C&C servers. The second country in the line was Kazakhstan with 49 servers, the third was Ecuador with 35, the UK with 32 was fourth and so on. All named and other countries summed up together, gives 326 Command & Control servers.
“The presence of these servers in a given country doesn’t mean to say they are used by that particular country’s law enforcement agencies,” said Sergey Golovanov, principal security researcher at Kaspersky Lab. “However, it makes sense for the users of RCS to deploy C&Cs in locations they control – where there are minimal risks of cross-border legal issues or server seizures.“
Working process of RCS
RCS can be physically or remotely installed. Physically goes through a USB or SD Card and remotely, it is done by spear phishing, exploit kits, drive-by downloads and network traffic injection.
Once it is installed on your Apple or Android device, it allows governments and law enforcement officers with larger capabilities to monitor victim devices and gives them the ability to:
-control phone networks
-steal data from their devices
-record voicemails
-intercept SMS and MMS messages
-obtain call history
-report on their location
-use the device’s microphone in real time
-intercept voice and SMS messages sent via applications such as Skype, WhatsApp, Viber and many more.
“Secretly activating the microphone and taking regular camera shots provides constant surveillance of the target—which is much more powerful than traditional cloak and dagger operations,” Golovanov wrote.
Although the Android module is protected by DexGuard, an optimizer which makes it extremely difficult to analyze the device, most of the abilities mentioned above are also available for Android, along with the support for hijacking applications such as Facebook, Google Talk, Tencent of China and many more.
Researchers said that the mobile modules are custom-built for each target.
At last, we have concluded from previous disclosures that RCS is currently being used to spy on political dissidents, journalists, human rights advocates and opposing political figures.
Links:
Special Thanks to anonymous singer. :)
0 comments :