American Malware Helped Russia Spy On iPhones

A recent cybersecurity investigation revealed that a surveillance tool created by a small malware merchant in the U.S., Killer Mobile, was being used by Russia to spy on Android and iPhone devices.

In what is described as an “unprecedented spyware deal” between U.S. and Russian firms, the spyware is now being resold by a Russian surveillance company called OpenGSM that markets to government agencies and consumers within the country.

Through its investigation, Forbes also discovered that OpenGSM is actively recruiting hackers in order to strengthen its software sales.

The news points to an ongoing difficulty in monitoring the increasingly complex cyber arms market, where global players can distribute or sell malicious tools to other countries, despite the ethical concerns or risk of violating export laws.

“There needs to be a remedy for this market,” Sarah McKune, senior legal adviser at the University of Toronto’s spyware research center Citizen Lab, told Forbes. “This can’t be swept under the rug, because otherwise companies like these will keep emerging.”

From a tip provided by an anonymous security researcher, Forbes uncovered that Killer Mobile’s cellphone malware was being distributed and used in Russia.

The evidence of a link between Killer Mobile and OpenGSM, discovered through the investigation, points to an attempt by both companies to profit off what Forbes described as a “lawful intercept” market, which is expected to be valued at $1.3 billion by 2019.

That represents a significant increase from $252 million in 2014.

Based on Bitly data showing how many people clicked through on the Killer malware sample hosted by OpenGSM, Forbes estimates that the companies could have made as much as $150,000 in revenue from $500,000 in sales in just one month.

“We are intimately familiar with this spyware service due to its significant marketing of its products across various Russian-language, low-tier and top-tier cybercriminal communities,” Vitali Kremez, director of research at Flashpoint, explained.

Kremez said the owners of OpenGSM are also known for promising to share revenue and profitable collaborations with cybercriminals.