Security researchers have uncovered what is probably the Kazakhstani government's use of spyware against dissidents and activists.
According to the report, published by Lookout last week, individuals thought to be government officials are presumably trying to infect their victims with an enterprise-grade spyware called “Hermit”.
Hermit is a highly sophisticated mobile remote management tool developed by the Italian company RCS Lab. The company is known to have been collaborating with Hacking Team, which has been developing malware for mass surveillance and espionage for various customers since 2003. That company and its offshoots, which closed after the hack and were reborn under the name Memento Labs, were absent from the market for a long time.
Allegedly, the perpetrators of the incident in Kazakhstan sent fake SMS messages that appeared to come from a Chinese phone manufacturer, OPPO, to infect their targets with malware. The links in the messages pointed to OPPO’s previously offline Kazakh support page.
After victims click on the link, the spyware installs on the smartphone in the background and establishes a connection with a command and control server in Nur-Sultan, the capital city of Kazakhstan.
Paul Shunk, a security researcher working at Lookout, said in a statement that this malware campaign may be managed by an administrative structure in Kazakhstan, based on the targeting of Kazakh speakers and the location of the command and control server.