A recent report by Italian digital rights group Osservatorio Nessuno has unveiled a new surveillance software named Morpheus, which has been linked to IPS, an established Italian technology firm. This spyware disguises itself as a phone update app and can extract extensive data from its targets’ devices. The investigation highlights a growing trend among law enforcement and intelligence agencies to employ stealthy surveillance technology, leading to the emergence of numerous suppliers, many of which operate under the radar.
IPS has a history of providing lawful interception technologies, allowing governments to monitor real-time communications. While the company claims operations in over 20 countries, details about its spyware arm remained concealed until the report. In the study, researchers categorised Morpheus as “low cost” spyware, primarily exploiting a straightforward method by duping targets into installing it themselves, unlike more sophisticated solutions from companies like NSO Group, which deploy invisible attacks.
The analysis indicated that the surveillance effort was aided by the victim’s mobile network provider, which intentionally restricted the target’s data access. The provider then sent a text message prompting the installation of what was presented as an update app, a tactic reminiscent of other espionage incidents in Italy. Once installed, Morpheus utilised Android’s accessibility features to read and interact with the victim’s data, capturing an array of sensitive information.
The malware’s process involved faking a device update, presenting a reboot screen, and impersonating WhatsApp to trick the user into providing their biometric identification, granting the software unrestricted access to their WhatsApp account. This methodology echoes that of government hackers previously involved in operations targeting activists.
Researchers Davide and Giulio from Osservatorio Nessuno linked Morpheus directly to IPS by tracing its infrastructure, including identifying peculiar code fragments in Italian. They suggested that the spyware’s target might be related to political activism, a sector prone to such surveillance activities in Italy. One cybersecurity expert acknowledged tracking this specific spyware and confirmed its Italian origin following the report’s findings.
The discovery of IPS adds to a list of Italian spyware developers burgeoning in the void left by the infamous Hacking Team, which was once a dominant player in the spyware market before its downfall. In recent years, multiple Italian spyware firms, including CY4GATE and SIO, have been exposed for their dubious practices.
Furthermore, WhatsApp recently warned several users who fell victim to a counterfeit version of its app, which was actually a spyware developed by SIO. Additionally, Italian authorities have previously suspended the use of certain spyware after encountering significant issues. This report underscores the ongoing challenges and ethical implications surrounding government surveillance technologies in modern society.
Fanpage: TechArena.au
Watch more about AI – Artificial Intelligence
