During a talk at the Black Hat hacking conference on Wednesday, Megan Ruthven, a software engineer on Google"s Android Security team, and Andrew Blaich, a security researcher at cybersecurity company Lookout, presented their findings on Lipizzan, a set of surveillance apps that until recently were hosted on the Google Play store.
"Lipizzan is a multi-stage spyware product capable of monitoring and exfiltrating a user"s email, SMS messages, location, voice calls, and media," Google researchers wrote in a blog post published on Wednesday. The apps would pose as legitimate and banal pieces of software, such as a backup application, and once installed would download more malicious software and jailbreak the device with known exploits. Google found fewer than 100 devices (0.000007 percent of all Android devices) infected with Lipizzan malware, according to the blog post.
Lipizzan is linked to Equus Technologies, an Israel-based company, according to the researchers. In response to a question from a Forbes reporter during the Black Hat presentation, Ruthven said the reference to Equus Technology was included in a configuration file of Lippizan.
Equus Technologies is "a privately held company specializing in the development of tailor made innovative solutions for law enforcement, intelligence agencies, and national security organizations," according to the company"s LinkedIn page. At least one employee of Equus Technologies, per the company"s LinkedIn profile, is a former staff member of NSO Group, a notorious, Israeli malware vendor.
No comments:
Post a Comment