Researchers at the University of Toronto’s Citizen Lab said a security issue was exploited to plant spyware on the iPhone of Saudi activists. They said they were confident that Israel’s NSO Group, the world’s most notorious hacker hiring company, was behind the attack.
Previously unknown vulnerabilities have affected all major Apple devices (iPhone, Mac, Apple Watch), according to researchers. NSO Group responded with a statement stating that it would continue to provide tools to combat “terrorism and crime.”
Researchers said it was the first time a so-called “zero-click” exploit was discovered and analyzed that did not require users to click on suspicious links or open infected files. They found malicious code on September 7th and immediately warned Apple. The targeted activists sought to remain anonymous, they said.
“We haven’t necessarily attributed this attack to the Saudi government,” said researcher Bill Marzac.
Citizen Lab previously had a zero-click exploit
Al Jazeera For journalists and other targets, I’ve never seen malicious code itself.
According to security experts, the average iPhone, iPad, and Mac user generally doesn’t have to worry, but such attacks tend to be targeted to specific targets, and this finding remains a security expert. I am surprised.
Malicious image files were sent to activist phones via the iMessage instant messaging app before being hacked by NSO’s Pegasus spyware, which opens the phone for eavesdropping and remote data theft, Marczak said. It was discovered during a second examination of the phone, which indicated that forensic medicine was infected in March. He said malicious files cause device crashes.
According to Citizen Lab, the incident reaffirms that NSO Group has allowed the public to use spyware.
In a blog post, Apple said it is issuing security updates for iPhones and iPads because “maliciously created” PDF files can be hacked. He acknowledged that this issue could have been abused and quoted Citizen Lab.
In a subsequent statement, Apple security chief Ivan Krstic praised Citizen Lab, saying that such an exploit was “not a threat to the overwhelming majority of users.” It has a dollar to develop and often a short shelf life. Apple didn’t answer the question as to whether this was the first time it had patched the zero-click vulnerability.
The user receives an alert on the iPhone and prompts them to update the iOS software on the phone. Those who want to jump the gun can go to the phone settings and click General> Software Update to trigger the patch update directly.
Citizen Lab called the iMessage exploit FORCE DENTRY and said it works for Apple iOS, MacOS and WatchOS devices. It encouraged people to install security updates immediately.
Researcher John Scott-Railton said the news highlights the importance of protecting popular messaging apps from such attacks. “Chat apps are becoming the primary way for nation-states and mercenary hackers to access their phones,” he said. “And that’s why it’s so important to focus on making sure your company is locked down as much as possible.”
Researchers also said they undermine the NSO Group’s claim to sell spyware only to law enforcement officers for use against criminals and terrorists and audit customers to ensure that it has not been abused. rice field.
“If Pegasus had been used only against criminals and terrorists, we wouldn’t have found anything like this,” Marzac said.
Facebook’s WhatsApp is also allegedly targeted by NSO’s zero-click exploit. In October 2019, Facebook sued NSO in a US federal court for targeting approximately 1,400 users of spyware-encrypted messaging services.
In July, the Global Media Consortium released a disgusting report on NSO Group’s clients spying on journalists, human rights activists, political opponents, and those close to them for years. Targeting. Amnesty International said it confirmed the success of 37 Pegasus infections based on a leaked targeting list of unknown origin.
One incident involved the fiancée of Washington Post journalist Jamal Khashoggi, just four days after being killed at the Saudi Consulate in Istanbul in 2018. The CIA attributed the murder to the Saudi Arabian government.
Recent revelations have also prompted calls for an investigation into whether the Hungarian right-wing government used Pegasus to covertly monitor key journalists, lawyers and business people. The Indian parliament also protested after opposition lawmakers accused Prime Minister Narendra Modi’s government of using NSO Group products to spy on political opponents.
France is also trying to reach the root of allegations that President Emmanuel Macron and members of his government may have been targeted in 2019 by an unidentified Moroccan security agency using Pegasus. Morocco, France’s major ally, has denied these reports and has taken legal action to counter allegations involving the Kingdom of North Africa in the spyware scandal.
Apple issues an urgent software patch to fix security flaws related to Pegasus spyware
Source link Apple issues an urgent software patch to fix security flaws related to Pegasus spyware