RCS S.p.A.
VAT Number: 07715580630.
Product Names: “Hermit” (unofficial).
Capabilities: Spyware, 0-day Exploits, IP Network Surveillance, Video/Audio Surveillance.
Parent Company: Cy4Gate S.p.A. (13129151000).
RCS, also known as RCS Lab or ETM Sicurezza, is an italian information technology , part of the Cy4Gate group along with Tykelab.
Founded in 1992, RCS main focus is mobile device spyware.
As early as 2012, RCS was a reseller of Hacking Team’s surveillance software to various problematic governments like Turkmenistan, Pakistan, Bangladesh, and Vietnam.[1]
In 2022, Google’s Threat Analysis Group (TAG) discovered the “Hermit” spyware made by RCS.
The spyware was hosted on unique links sent to the victim via SMS while the ISP, in accordance with RCS, disabled data connectivity of the victim.
The iOS spyware was signed through the Apple Developer Enterprise program, and contained a number of publicly available exploits (CVE-2018-4344, CVE-2019-8605, CVE-2020-3837, and CVE-2020-9907) and 0-day exploits (CVE-2021-30883, and CVE-2021-30983).[2]
The Android version required the victim to enable installation of applications from unknown sources, and didn’t contained any 0-days out-of-the-box but the code contained hints about such capabilities.[3][4]
The “Hermit” spyware was deployed in Kazakhstan and Syria, both countries with poor human rights records, and Italy.[5]
This company is also listed on Surveillance Watch.