Explained: What is Hermit; how to protect yourself from it

Highlights

Hermit is new spyware that is more invasive and malicious than Pegasus. Government agencies are believed to have used it to target iPhone and Android devices in Italy and Kazakhstan.

While there are several unanswered questions about Pegasus spyware, new spyware has emerged that is wreaking even more havoc. Developed by an Italian vendor called RCS Lab, the new spyware called Hermit is believed to have targeted iPhone and Android users in Italy, Kazakhstan and, according to some sources, Syria as well.
Hermit is actually much more dangerous than Pegasus. Hermit is part of a sophisticated malware attack that is being actively used in the wild. Attackers are using zero-day or yet-to-be-patched vulnerabilities and a host of other dangerous exploits in Android and iOS code to deploy malware that can take control of someone's iOS or Android device.
When implemented correctly, Hermit can launch a sophisticated attack that could fool just about anyone. One tactic attackers have employed, according to Google's Threat Analysis Group (TAG), is to work with the target's ISP to disable the target's mobile data connectivity and then send them a malicious link via SMS, presented as a way to regain connectivity, which installs data-mining and data-collection malware.
At this time, it is unclear whether ISPs in the affected areas were actively involved in facilitating these attacks or were compromised to carry them out. In any case, things are not looking good for ISPs in the affected areas.
Another tactic was to send links to deceptive and convincing versions of popular apps like Facebook and Instagram which, again, resulted in the target's phone being infected.
Once a device is infected, an attacker can deploy more malware that is difficult or impossible to detect or remove. Furthermore, this malware can literally do anything: spy on your phone conversations, read your messages including bank OTPs, access your camera and microphones, etc. And yes, a malicious actor can even place things on the target's device.
With Pegasus, at least we had the certainty that spyware was only used by government agencies and law enforcement. There was no evidence to suggest that third parties or independent actors had access to it. That is not the case with Hermit. There are cases where criminals and other malicious parties have been reported to use Hermit to attack certain individuals.
As tricky as things are with Hermit, there are some basic safety precautions that can go a long way. Follow them and you may never be affected by such spyware and malware.
Keep your device software and apps up to date. Make sure to install all security updates right away.
Never click on a suspicious link that you received in an SMS, even if it is from your service providers, Google, Facebook or any other service you may be using.
Always install the apps you need from an authorized app store. Never allow any other app to download and install another app.
Reboot your device daily. That way, if something suspicious happens, you'll be able to see clear evidence of it.
Use third-party browsers like DuckDuckGo and Vivaldi instead of any bundled browser.