Security & Fraud

American Malware Helped Russia Spy On iPhones

american spyware russia resold

A recent cybersecurity investigation revealed that a surveillance tool created by a small malware merchant in the U.S., Killer Mobile, was being used by Russia to spy on Android and iPhone devices.

In what is described as an “unprecedented spyware deal” between U.S. and Russian firms, the spyware is now being resold by a Russian surveillance company called OpenGSM that markets to government agencies and consumers within the country.

Through its investigation, Forbes also discovered that OpenGSM is actively recruiting hackers in order to strengthen its software sales.

The news points to an ongoing difficulty in monitoring the increasingly complex cyber arms market, where global players can distribute or sell malicious tools to other countries, despite the ethical concerns or risk of violating export laws.

“There needs to be a remedy for this market,” Sarah McKune, senior legal adviser at the University of Toronto’s spyware research center Citizen Lab, told Forbes. “This can’t be swept under the rug, because otherwise companies like these will keep emerging.”

From a tip provided by an anonymous security researcher, Forbes uncovered that Killer Mobile’s cellphone malware was being distributed and used in Russia.

The evidence of a link between Killer Mobile and OpenGSM, discovered through the investigation, points to an attempt by both companies to profit off what Forbes described as a “lawful intercept” market, which is expected to be valued at $1.3 billion by 2019.

That represents a significant increase from $252 million in 2014.

Based on data from Bitly on how many people clicked through on the Killer malware sample hosted by OpenGSM, Forbes estimates that the companies could have made as much as $150,000 revenue from $500,000 sales in just one month.

“We are intimately familiar with this spyware service due to its significant marketing of its products across various Russian-language, low-tier and top-tier cybercriminal communities,” Vitali Kremez, director of research at Flashpoint, explained.

Kremez said the owners of OpenGSM are also known for promising to share revenue and profitable collaborations with cybercriminals.

——————————

PYMNTS LIVE ROUNDTABLE: TUESDAY, JULY 14, 2020 AT 12:00 PM (ET)

Digital transformation has been forcefully accelerated, but how does that agility translate into the fight against COVID-era attacks and sophisticated identity threats? As millions embrace online everything, preserving digital trust now falls mostly on banks and FIs. Now, advances in identity data and using different weights on the payment mix afford new opportunities to arm organizations and their customers against cyberthreats. From the latest in machine learning for fraud and risk, to corporate treasury teams working in new ways with new datasets, learn from experts how digital identity, together with advances like real-time payments, combine to engender trust and enrich relationships.

Click to comment

TRENDING RIGHT NOW