Tykelab, a subsidiary of Italy-based company RCS Lab, has reportedly been spying on behalf of its clients, including in countries with a record of human rights abuse, on citizens of countries across the globe.
According to a new report from investigative journalism group Lighthouse Reports, Tykelab has been using dozens of phone networks to send tens of thousands of secret “tracking packets” around the world, targeting people in countries including Libya, Nicaragua, Malaysia, Costa Rica, Iraq, Mali, Greece and Portugal, and Italy.
According to Lighthouse Reports, Tykelab’s tracking system involves the exploitation of vulnerabilities in global phone networks which make it possible for third parties to see phone users’ locations, and potentially intercept their calls, without any record of compromise being left on their devices.
The investigation revealed that spyware used and marketed by Tykelab includes Ubiqo, a tool which can “track the movements of almost anybody who carries a mobile phone, whether they are blocks away or on another continent”, as well as offering more sophisticated behavior analysis.
“Our findings originated with two confidential sources in the telecom industry. They had both independently been tracking significant volumes of suspicious traffic sent through a group of phone networks – much of it ostensibly from islands in the South Pacific. Through technical and other data they determined, independently from each other, that this traffic originated in Italy with a company called Tykelab. The company’s website says it’s an innocuous telecom services provider. Our sources said that its traffic had no legitimate purpose other than surveillance,” the group said in their report.
The news comes after a recent report from cybersecurity company Lookout that described a new modular enterprise-grade Android malware called “Hermit,” said to have been developed by RCS Lab and Tykelab, used in surveillance campaigns that targeted people in Kazakhstan, Syria, and Italy.