Bogus news app used to deliver Hacking Team spy tool
Data stolen from Hacking Team continues to yield information about the company’s infiltration techniques. The latest find is a fake Android news app, which was used to install its flagship surveillance tool.
The app is called “BeNews,” the same name as a long-shuttered news website, wrote Wish Wu, mobile threat response engineer, on Trend Micro’s blog.
Inside the app is a backdoor that appears to have been used to load the Android version of Hacking Team’s Remote Control System (RCS), also known as Galileo, a data-collecting tool the company sold to law enforcement and security agencies worldwide.