Published: June 22, 2023 on our newsletter Security Fraud News & Alerts Newsletter.
No one likes the idea of their smartphone spying on them, so this latest spyware find is sure to go over like a lead balloon. Named “Hermit” by Lookout Research, the company announced this spyware is infecting both Android and iPhone users. Aside from the damage Hermit can do, Lookout Research suspects a telecom company, Tykelab Srl, may be hiding and using the spyware for their own gain. Researchers traced Hermit to Italian developer, RCS Labs.
It’s no secret that for decades, spyware was, and still is, a valuable espionage tool for governments. But when it’s turned toward everyday users, it takes on new meaning. Hermit, like most other spyware, can access your contacts, messages, record audio, take screenshots, and exploit other smartphone opportunities to invade your privacy.
Knowing your PII and more is in the hands of a creeping cybercriminal is awful, but the damage Hermit can do with your hijacked data is even worse. Crimes like identity theft, financial fraud and blackmail are all possible. The malware can also steal login data, record keystrokes, install adware, and redirect browsers to hacker-controlled web pages. All the stolen data can used by the cybercriminal or sold to third parties.
Has Your Smartphone Already Met Hermit?
There are signs that Hermit spyware, as with other spyware, may have made a home on your smartphone. Let’s hope you don’t recognize the following…
Your phone is running unusually slow, unusually hot, and battery power drains quickly.
Your phone is using massive amounts of data for no reason, and pop-up ads and notifications are way too frequent.
Your phone displays icons of programs you didn’t download and your browser shows new plugins or a toolbar you didn’t add.
Don’t Let This Hermit Move Into Your Smartphone
Since any device connected to the internet can potentially be infected by Hermit and other spyware, taking these precautions can help keep your smartphone avoid infection.
Keep all operating system, apps, and security patches updated as soon as they’re available.
Don’t open suspicious emails, and never open attachments or click on links, including in texts, when you can’t verify the sender is legitimate.
Only download apps from official Google and Apple app stores. Never sideload apps from third-party app stores.
Always use a trusted antivirus product. Check reviews, services, and prices since providers may offer different services and costs.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at email@example.com