Italian software company RCS Lab has developed software called Hermit to spy on smartphone users. Hermit can be installed via sideloading on both iOS and Android. Anyone who becomes the target of espionage receives an important-looking message or SMS with a link. If this link is tapped and the spyware, camouflaged as a telecommunications or messenger app, is installed, data can be tapped. This includes audio from the microphone, photos, messages, emails and location. In addition, calls can be diverted. Apple was able to block Hermit by blocking the software certificates.
Apple is actually strictly against sideloading and speaks out against downloading apps outside of the iOS App Store at every opportunity. However, companies have the option to install specially certified apps from outside the App Store on their company iPhones. It is precisely this loophole that RCS Lab used for its Hermit spy software. The application, disguised as an app for regular communication, then served the purposes mentioned above. According to 9to5Mac, the software was bought by people close to governments. People from Italy and Kazakhstan were monitored with it.
All details, technical background and code are available from the Google Threat Analysis Group (TAG), which recently uncovered the spyware in detail: Spyware vendor targets users in Italy and Kazakhstan.
As mentioned above, there are specific certificates for companies that sideload apps. If an app or tool doesn't have this kind of permission, it can't be used on the iPhone, even in the secure sandbox environment. RCS Lab obtained a corresponding certificate in order to get Hermit onto Apple smartphones. To prevent this in the future, Apple revoked the certificate, so it no longer legitimizes the software to install and run. This is another reason why it is always important to have the latest version of iOS installed, so that queries from security components meet the necessary requirements.
No. Professionally developed spy software used by governments or government-affiliated entities is in many cases aimed at journalists, political opponents, activists and people who want to defend human rights. Broad or random use is not intended. The known version of the Hermit spyware currently poses no danger because, as described above, infection via sideloading or execution on iPhones is prevented. Whether Apple will sue RCS Lab as it did NSO Group over the Pegasus spyware, time will tell.
What are your thoughts on the topic? Are you worried about spy software or stalkerware? Or do you think the iPhone with the latest iOS is safe enough not to worry about it? Feel free to leave a comment on the topic!
After graduating from high school, Johannes completed an apprenticeship as a business assistant specializing in foreign languages. But then he decided to research and write, which resulted in his independence. For several years he has been working for Sir Apfelot, among others. His articles include product introductions, news, manuals, video games, consoles, and more. He follows Apple keynotes live via stream.