In operation since 1992, RCS Labs is a relatively unknown Italian company, and just one node in a web of spyware vendors operating out of Italy [therecord.media] with little oversight:
In April 2022, about four months after Kazakhstan’s government violently cracked down on nationwide protests, cybersecurity researchers discovered [lookout.com] that authorities in the country were deploying [blog.google] spyware on smartphones to eavesdrop on citizens.
[...] The spyware, known as Hermit, is believed to have been used in several other countries including Syria and Italy. Documents published by Wikileaks in 2015 show that RCS had engaged with military and intelligence agencies in Pakistan, Chile, Mongolia, Bangladesh, Myanmar, Vietnam and Turkmenistan, according to a blog post [lookout.com] from Lookout, the cloud security company which discovered Hermit.
[...] Although much attention is given to sophisticated, zero-click spyware developed by companies like Israel’s NSO Group, the Italian spyware marketplace has been able to operate relatively under the radar by specializing in cheaper tools. According to an Italian Ministry of Justice document [documentcloud.org], as of December 2022 law enforcement in the country could rent spyware for €150 a day, regardless of which vendor they used, and without the large acquisition costs which would normally be prohibitive.
As a result, thousands of spyware operations have been carried out by Italian authorities in recent years, according to a report from Riccardo Coluccini, a respected Italian journalist who specializes in covering spyware and hacking.
“Spyware is being used more in Italy than in the rest of Europe because it's more accessible,” Fabio Pietrosanti, president of Italy’s Hermes Center for Transparency and Digital Human Rights and a prominent ethical hacker there told Recorded Future News. “Like any technology or any investigative tool, if it's more accessible, then it will be more used. That's just the natural consequence.”
Originally spotted on Schneier on Security [schneier.com].
Previously: Italian Government Spyware Infiltrated Google Play [soylentnews.org]