"Apple and Android phones hacked by Italian spyware, Google says", 23 June 2022

An Italian company's hacking tools were used to spy on Apple Inc (AAPL.O) and Android smartphones in Italy and Kazakhstan, Alphabet Inc's (GOOGL.O) Google said in a report...

Milan-based RCS Lab, whose website claims European law enforcement agencies as clients, developed tools to spy on private messages and contacts of the targeted devices...

"These vendors are enabling the proliferation of dangerous hacking tools and arming governments that would not be able to develop these capabilities in-house," Google said.

The governments of Italy and Kazakhstan did not immediately respond to requests for comment. An Apple spokesperson said the company had revoked all known accounts and certificates associated with this hacking campaign.

RCS Lab said its products and services comply with European rules and help law enforcement agencies investigate crimes.

"RCS Lab personnel are not exposed, nor participate in any activities conducted by the relevant customers," it told Reuters... adding it condemned any abuse of its products.

Google said it had taken steps to protect users of its Android operating system and alerted them about the spyware.

While RCS Lab's tool may not be as stealthy as Pegasus, it can still read messages and view passwords, said Bill Marczak, a security researcher with digital watchdog Citizen Lab.

In some cases, Google said it believed hackers using RCS spyware worked with the target's internet service provider, which suggests they had ties to government-backed actors, said Billy Leonard, a senior researcher at Google.