Journalists from Motherboard have managed to obtain a 10-minute video showing a demonstration of the Italian government contractor RCS Labs performing a spyware infection attack against an unidentified target.
The RCS Labs Spyware Attacks Are Dangerous and Real
Motherboard has uploaded a video on Youtube showcasing a live demonstration of a spyware suite developed by the Italian contractor RCS Labs. Little is known publicly about their products and their customers. The company is located in Milan, and their web site lists two types of products that they produce – monitoring centers and tactical tools for penetration testing and intelligence gathering.
The contents of the 10-minute video showcase a company employee performing a demonstration of the spyware solution to infiltrate a target system to an unidentified person. The carried out attack is a man in the middle type that infects the victim computer. The spyware solution named Mito3 is used by the operator to set up the infiltration by using simple rule-based vectors in the product configuration menu.
The malicious operator showcases that he can choose at will what sites can be used for the attack and injects malicious code by clicking on an “Inject HTML” button to unleash a series of malicious popups that appear on the victim’s screen. The Mito3 spyware suite allows clients of RCS Labs to spy on the targets, intercept voice calls, access text messages, view social media activities and chats etc.
According to the leaked information, the platform can be used against both desktop and mobile platforms. Geolocation tracking is also possible by using the GPS capabilities of the infected victims. The developers of Mito3 have also integrated an automatic transcription feature that helps when viewing recordings.
The demonstrated attack showed how mirc.com (the home page of the famous IRC client) could be injected with malware code. When the target host navigates to the page, a fake Adobe Flash update popup appears, and the user’s interaction with it triggers the spyware.