Russian Military Hardware Vendor Accused Of U.S. Espionage
The United States has accused a Russian defense contractor company named Special Technology Center (STC) for developing specialized software to spy on Android users. For many years, the western nations such as the United States and many European Union nations have accused Russia of intervening with their internal domestic affairs through its spying campaigns and state-level espionage activities. Just like clockwork, every time Russia is blamed for cybercrime, Kremlin fully denies it, usually with a counter-claim that it is the United States and its allies that are trying to conduct espionage activities against countries critical of them.
Lookout, an Android security app vendor confirmed that STC is behind the spread of Android apps. Allegedly done with the use of built-in espionage spyware named Monokle, after the former tried to reverse-engineer the unnamed affected apps. Monokle is a spyware that communicates with STC software, with an IP address that is clearly identified with the latter. According to the report, Monokle-loaded apps didn’t come from Google Play Store, but rather through 3rd party sources that users sideload with their Android devices.
“We are seeing yet another vendor, that is a defense contractor in this case, that is producing a highly sophisticated malware to spy on users of mobile devices. That really drives home the risk around mobile devices and how they are being attacked,” explained Christoph Hebeisen, Lookout’s senior manager of security intelligence.
Lookout categorize Monokle not just as a typical spyware but a full fledged surveillance malware. It utilizes new techniques to harvest data that were not previously seen in an Android based malware. Also known under the term “weaponized malware”, Monokle is designed to monitor web activity of the Android user – given that a special root certificate from the makers of Monokle is installed for the purpose of espionage.
STC is a genuine military-hardware supplier for the Russian government, their speciality products are military drones and accessories.““Monokle is advanced and full featured mobile surveillance software. It could be used for any objective which would require surveillance through a mobile device. In similar attacks, such as Dark Caracal, we’ve observed the use of phishing attacks through messaging applications, SMS, or emails used to distribute this type of malware,” added Adam Bauer, senior staff security intelligence engineer. This is not the first time that STC has received a bad rap from the United States, three years ago in 2016, the U.S. government already tagged it as a company that is involved with “Malicious cyber-enabled activities”.
A surveillance app can also be used for good, like for the purpose of crime prevention which has the function to identify the person who stole the smartphone, including its current location. In addition to releasing the shutter by remote control, some cameras do not make even the shutter sound. There is no such great feature to find out who is the person you are with and where you are. Although it is a smartphone surveillance app that becomes a terrifyingly powerful item in the cheating survey, there are many occasions where illegality is questioned just by using it. Just like what the U.S. is accusing Russia of doing against its citizens.
Kevin Jones951 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.