How hackers used iOS to target victims
The report claims that the hackers sent a malicious SMS text message with a link to targets in Indonesia.When victims clicked the link, spyware developed by Variston infected their phones. The link then redirected victims to a legitimate news article to disguise the hacking attempt.
Google discovered this campaign in March 2023 but did not disclose who Variston’s government customer was. This is the third time in three years that the tech giant discovered malware created by Variston.The report claims that Variston collaborated with several organisations to develop and deliver its spyware. This includes a company called Protect Electronic Systems based in the United Arab Emirates. Protect claims to be a cybersecurity firm but works with Variston to package its spyware into products sold to government customers, the report adds.
How Google is planning to curb the use of spyware
As per the report, the market for European spyware makers, including Italian companies like Cy4Gate, RCS Lab, and Negg is also growing. While controversial Israeli firms like NSO Group have received significant attention, European companies have also been expanding their capabilities and reach.
Google plans to disrupt these hacking campaigns since spyware has been used to target journalists, dissidents and politicians. The company argues that even if spyware is deployed for legitimate purposes like law enforcement, the broader damage to free speech and democracy worldwide is too high.
The company recently called multiple spyware and has asked countries to do more to curb the sale and misuse of commercial spy tools that have been used to target high-risk users.