The IT Nerd

The more that I hear about the Hacking Team hack, the scarier the news gets. This latest piece of news comes from Trend Micro who looked at RCSAndroid (Remote Control System Android) from the Hacking Team. Their assessment was this:

The RCSAndroid code can be considered one of the most professionally developed and sophisticated Android malware ever exposed. The leak of its code provides cybercriminals with a new weaponized resource for enhancing their surveillance operations.

Why is that? I’ll them tell you:

Based on the leaked code, the RCSAndroid app can do the following intrusive routines to spy on targets:

• Capture screenshots using the “screencap” command and framebuffer direct reading
• Monitor clipboard content
• Collect passwords for Wi-Fi networks and online accounts, including Skype, Facebook, Twitter, Google, WhatsApp, Mail, and LinkedIn
• Record using the microphone
• Collect SMS, MMS, and Gmail messages
• Record location
• Gather device information
• Capture photos using the front and back cameras
• Collect contacts and decode messages from IM accounts, including Facebook Messenger, WhatsApp, Skype, Viber, Line, WeChat, Hangouts, Telegram, and BlackBerry Messenger.
• Capture real-time voice calls in any network or app by hooking into the “mediaserver” system service

The really scary part is that this code has been in the wild since 2012. Now the Trend Micro article does describe how to protect yourself from this. But if you are infected, you’re pretty much screwed because it can only be removed with the help of the company that made your Android device. Lovely.

What’s also scary is that we’re not done yet with this as there will likely be more from this hack that will keep people like me awake at night.

This entry was posted on July 22, 2015 at 3:00 pm and is filed under Commentary with tags hack, Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.