Security News > 2020 > January > Government spyware company spied on hundreds of innocent people
In March 2019, researchers with a group called Security Without Borders - a non-profit that often investigates threats against dissidents and human rights defenders - identified more than 20 government spyware apps squatting in plain sight, pretending to be harmless, vanilla apps on Google's Play store.
Those apps - which were just a decoy through which government spyware called Exodus was installed on targets' phones - were anything but harmless.
In a two-stage process, they snorted up lists of installed apps, browsing history, contact lists from numerous apps, text messages - including encrypted texts - location data, and app and Wi-Fi passwords.
After successfully creating an app for doctors to view medical records, a friend told him that he should get into the surveillance business, where investigators have been clamoring for help in penetrating communications encrypted by messaging apps such as WhatsApp and Signal.
How it worked: with the help of Italy's telecoms, the company would dupe people into downloading what appeared to be an innocuous app that would ostensibly fix network errors on their phone.