
Massive 'legal' spying, malware net uncovered

25 June 2014, 14:29 Duncan Alfreds, Fin24

Cape Town - A security company has uncovered a massive cyber spying net with its tentacles in a number of countries dedicated to hacking Android phones and iPhones.

On Tuesday, Kaspersky Lab, working in conjunction with Citizen Lab, identified the infrastructure used to control malware implants remotely.

The legal malware, known as Galileo, was developed by Italian company HackingTeam and includes a number of Trojans that can infect both Android and iOS.

Galileo command and control centres (C&C) were mapped in over 40 countries with the majority of servers in the US, Kazakhstan, Ecuador, the UK and Canada.

Kaspersky found that there were 320 servers actively processing the malware and victims included activists and human rights advocates, as well as journalists and politicians.

Specific techniques

"The presence of these servers in a given country doesn't mean to say they are used by that particular country's law enforcement agencies. However, it makes sense for the users of RCS [Remote Control System] to deploy C&Cs in locations they control - where there are minimal risks of cross-border legal issues or server seizures," said Sergey Golovanov, principal security researcher at Kaspersky Lab.

Operators of the network target each individual with a number of different methods including specific phishing techniques, zero day vulnerabilities, USB infections and social engineering.

The security company said that while iPhones were immune to the exploit, the Galileo operators could remotely jail-break the device, making it susceptible to infection.

"Non-jail-broken iPhones can become vulnerable too: An attacker can run a jail-breaking tool like Evasi0n via a previously infected computer and conduct a remote jail-break, followed by the infection," Kaspersky said.

"To avoid infection risks, Kaspersky Lab's experts recommend that you first of all don't jailbreak your iPhone, and secondly also constantly update the iOS on your device to the latest version," the company added.

The malware also operates on mobile devices discreetly. It can, for example, ensure that it doesn't drain the battery and run in stealth mode so it is invisible to the user.

It can also be programmed to record audio only when certain conditions are met. For instance, it could only begin recording when the device is connected to a specific Wi-Fi network or when the smartphone is charging.
