cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Google raises alarm on Italian spyware infiltrating Apple and Android phones

Alphabet Inc's Google reported that an Italian company’s hacking tools were used to spy on Apple Inc and Android smartphones in Italy and Kazakhstan this week.

user iconReporter
Fri, 24 Jun 2022
Google raises alarm on Italian spyware infiltrating Apple and Android phones
expand image

RCS Lab, based in Milan, developed tools to spy on private messages and contacts of the targeted devices, according to Google's report. The company's website states that its clients include European law enforcement agencies.

In a statement, Google explained that vendors like RCS Lab are enabling the proliferation of dangerous hacking tools and "arming governments that would not be able to develop these capabilities in-house".

According to a Reuters report, the governments of Italy and Kazakhstan did not immediately respond to their requests for comment.


An Apple spokesperson has confirmed that the company had revoked all known accounts and certificates associated with this hacking campaign.

In response, RCS Lab asserted that its products and services comply with European rules and "help law enforcement agencies investigate crimes".

The company told Reuters in an email that it condemned any abuse of its products.

"RCS Lab personnel are not exposed, nor participate in any activities conducted by the relevant customers," RCS Lab said.

Anti-surveillance activists have accused the company of aiding governments that in some cases, use such tools to crack down on human rights and civil rights.

Meanwhile, iGoogle has also confirmed that it had taken steps to protect its Android operating system users and alerted them about the spyware.

The global industry making spyware for governments has been growing, with more companies developing interception tools for law enforcement.

The advent of ransomware-as-a-service (RaaS) has prospered and Tenable has found that the service model has significantly reduced the barrier of entry, allowing cyber criminals who lack the technical skills to commoditise ransomware.

According to Robert Huber, Tenable's chief security officer and head of research, it has indeed become an easy way to operate ransomware.

"It's run just like a business.

"And just like a business, certain functions can be contracted out.

"You don't have to be an expert or subject matter expert to actually go out and build a ransomware kit, those components are already available for you," Huber said.

On its website, RCS Lab describes itself as a maker of "lawful interception" technologies and services including voice, data collection and "tracking systems". It says it handles 10,000 intercepted targets daily in Europe alone.

However, Google researchers found RCS Lab had previously collaborated with the controversial, defunct Italian spy firm Hacking Team, which had similarly created surveillance software for foreign governments to tap into phones and computers.

According to Reuters, Hacking Team went bust after it became a victim of a major hack in 2015 that led to a disclosure of numerous internal documents.

Google also believes hackers using RCS spyware worked with the target's internet service provider, and Billy Leonard, a senior researcher at Google, said that this suggests "they had ties to government-backed actors".

European and American regulators have been weighing potential new rules over the sale and import of spyware.

[Related: Cyber criminals thriving off the DIY ransomware kit business]

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.