Three Samsung smartphones (opens in a new tab) the models were found to contain security vulnerabilities that were allegedly exploited by a commercial surveillance provider to spy on people and possibly steal their sensitive data.
Researchers from the Google Project Zero team for the Middle East or Africa.
Google did not name the provider, but said the vulnerabilities appear to be part of a chain of infection. The research team only managed to get hold of the exploit application component, which means there is still no information on the final content.
Nation-state spyware
“The first vulnerability in this chain, reading and writing any file, was the basis of this chain, used four times and at least once in every step,” wrote Maddie Stone, Google Project Zero security researcher blog post (opens in a new tab) outlining the threat.
“Java components in Android devices are not the most popular targets for security researchers, despite operating at such a privileged level,” she added.
Google also said the exploit works in a similar way to what we’ve seen before when a nation-state attacker targets individuals with powerful spyware.
This may refer to Hermit, an Android and iOS spyware developed by RCS Lab, an Italian monitoring company. Back then, Hermit allegedly attacked people in Italy and Kazakhstan.
Occasionally, a commercial company becomes a frontier criminal with spyware-like software. One such example is NSO Group Technologies, an Israeli tech company known primarily for Pegasus, a proprietary spyware capable of remote surveillance of a smartphone without a click. Pegasus has brought NSO Group into the media spotlight on numerous occasions, most notably in November 2021 when the US government banned trading with the company.
By: TechCrunch (opens in a new tab)