Motherboard came across an interesting video that showcases the capabilities of "Mito3", a piece of spyware developed by Italian surveillance company RCS Lab. The company's spyware solutions are sold to governments and have flown under the radar for years.
The clip below shows a live demonstration of how the spyware can perform a man-in-the-middle attack and infect a computer that wanted to visited a specific website.
The company’s employee shows how such an attack would work, setting mirc.com (the site of a popular IRC chat client) to be injected with malware (this is shown around 4:45 minutes in). Once the fictitious target navigates to the page, a fake Adobe Flash update installer pops up, prompting the user to click install. Once the user downloads the fake update, he or she is infected with the spyware.
“All this installation process is, in reality, is completely a fake. It’s sort of a movie,” the RCS Lab employee says in the video. “Because in reality, at this point, he’s already infected.”