Lookout blows whistle on Kazakhstan's use of malware


By Dylan Bushell-Embling
Wednesday, 22 June, 2022

Lookout blows whistle on Kazakhstan's use of malware

Endpoint and cloud security company Lookout has discovered evidence of an enterprise-grade android surveillance malware being used by the Government of Kazakhstan within its borders.

The company’s researchers have also found evidence of deployment of the spyware in Italy and north-eastern Syria.

The spyware, which Lookout researchers have named Hermit, appears to have been developed by Italian spyware vendor RCS Lab and Tykelab Srl, a telecommunications solutions company that may be operating as a front company.

Hermit is a modular spyware that hides its malicious capabilities in packages downloaded after it has been deployed. The spyware has 25 known modules.

The 16 modules researched by Lookout enable Hermit to exploit a rooted device, record audio and make and redirect phone calls, as well as collect data such as call logs, contacts, photos, device location and SMS messages.

Lookout Threat Intelligence Researcher Justin Albrecht said the discovery provides an in-depth look into a spyware vendor’s activities and how sophisticated app-based spyware operates.

“Based on how customisable Hermit is, including its anti-analysis capabilities and even the way it carefully handles data, it’s clear that this is well-developed tooling designed to provide surveillance capabilities to nation-state customers,” he said.

“What’s also interesting is that we were able to confirm Kazakhstan as a probable current customer of RCS Lab. It’s not often that you are able to identify a spyware vendor’s clientele.”

Image credit: ©stock.adobe.com/au/tippapatt

Related News

Cloudflare has changed how AI crawlers scrape the internet

Cloudflare is now protecting online IP by blocking AI crawlers by default, and offering a...

Nearly half of Australian companies opt to pay ransoms: report

A recent survey found that Australian ransom payments have decreased from 66% to 41% in the past...

Barracuda launches vulnerability detection tool

Barracuda Networks has introduced a new solution aimed at helping organisations uncover and...


  • All content Copyright © 2025 Westwick-Farrow Pty Ltd