Russian defence contractor developing smartphone spyware, claims US firm

Friday, 26 July 2019 00:00 -     - {{hitsCtrl.values.hits}}

A pedestrian looks at a smartphone while standing at a 

corner in the financial district of Toronto, Ontario, Canada 

San Francisco, Reuters: A Russian defence contractor accused by the United States of supporting cyber-attacks has developed sophisticated software used to spy on smartphones, an American security company said on Wednesday. 

St. Petersburg-based Special Technology Centre (STC) developed code that has been aimed at a small number of targets, including those interested in a rebel militia in Russian-allied Syria, security firm Lookout said in a report. 

Lookout, which specialises in securing mobile devices against cyber-attacks, said it detected samples of the malware aimed at phones running Google’s Android almost a year ago. 

It declined to say whether the samples were found on its users’ phones or in what country the attacks had been detected. 

The United States and other Western countries have accused the Russian government and companies working on its behalf of conducting cyber-attacks against organisations around the world. 

The Kremlin has repeatedly denied the allegations, which it says are not supported by real evidence, and did not immediately respond to a request for comment on Lookout’s findings. 

STC did not immediately respond to a request for comment either. 

Investigators at Lookout, which is headquartered in San Francisco and produces mobile security software for US government agencies as well as consumers, said they had named the spyware Monokle after a term found in the code. 

Monokle can be remotely operated, they said, and communicated with an Internet Protocol address that was also used to send commands to defensive software made by STC. 

“Monokle is an advanced and full-featured piece of surveillanceware which has implemented several features we haven’t seen before to capture data,” Lookout said in a statement to Reuters. 

The program can be installed on victims’ devices in multiple ways, including through corrupted versions of popular apps. In some cases, it installed certificates that allowed it to intercept encrypted internet traffic. 

It also tried to capture user codes for unlocking the devices. 

The United States sanctioned STC and two other companies in 2016 for engaging in “malicious cyber-enabled activities,” including providing support to Russian military intelligence agency. STC is better known for manufacturing drones and other equipment for the Russian military. 

Spyware aimed at phones is a varied and competitive field, with sophisticated versions like Monokle sold to national governments, turnkey hacking services sold to police and cheap “spouseware” sold to individuals tracking their romantic partners or family members, often illegally. Vendors at all levels have suffered hacks in recent years, including some who sold high-end tools to the West, by anonymous people claiming to act for moral reasons. Meanwhile, Russia has been accused by US authorities of stealing hacking tools directly from American agencies. 

 

COMMENTS