Digital rights group CitizenLab has discovered a vulnerability that allowed Israeli spyware company NSO Group to implant its Pegasus malware onto virtually every iPhone, Mac, and Apple Watch device.
CitizenLab revealed the vulnerability on Monday, a week after discovering it by analyzing the phone of a Saudi activist that had been infected with the malware. The discovery was announced to the public shortly after Apple rolled out an update to patch the vulnerability.
The vulnerability allowed the NSO Group’s clients to send malicious files disguised as .gif files to a target’s phone, which would then exploit “an integer overflow vulnerability in Apple’s image rendering library” and leave the phone open to the installation of NSO Group’s now-infamous ‘Pegasus’ malware.
The exploit is what’s known as a ‘zero-click’ vulnerability, meaning that the target user would not have to click a suspicious link or file to allow the malware onto their device.
While most Apple devices were vulnerable, according to the researchers, not all of those afflicted by the spyware were breached in this way. Instead, NSO Group sold the use of its malware to clients around the world, who used the tool to spy on the phones of rival politicians, journalists, activists, and business leaders.
News of the malware’s existence was first broken earlier this summer by Amnesty International and Forbidden Stories, a French investigative outlet, and reported by a collection of partner news outlets. Among those accused of using the Israeli malware are the governments of Azerbaijan, Bahrain, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, Hungary, India, and the United Arab Emirates (UAE).
A leaked list suggested that as many as 52,000 names were marked as possible targets for surveillance by NSO Group’s customers, and roughly a tenth of these targets were reportedly surveilled. Pegasus granted users access to calls, messages, photos and files, and allowed them to secretly turn on the target phones’ cameras and microphones.
CitizenLab pinned the latest exploit on NSO Group after discovering a so-called ‘digital artifact’ left behind that matched calling cards left by the company’s other exploits, and similarly-named processes in its code.
The NSO Group has not commented on CitizenLab’s latest research, which comes just one day before Apple’s anticipated unveiling of the iPhone 13 ahead of its launch later this month.
Think your friends would be interested? Share this story!
source: RT
Împotriva articolelor redacției noastre, persoanele nemulțumite pot formula Contestație în termen de 10 zile de la publicarea articolului, la judecătoria Orășenească nr. 1 München Bayern Deutschland, in conformitate cu Legea federală Germană. Considerăm că nu se pot formula acțiuni la instanțele din România deoarece nici o persoană care activează în trustul nostru nu poate fi extrasă de sub jurisdicția federală germană. Considerăm că redacția noastră nu răspunde în fața autorităților din România ci doar celor federale sau civile germane. deoarece legea română nu are efecte de extraneitate asupra redacției chiar dacă subiectul știrilor face obiectul unor evenimente sau persoane din România și sunt scrise în limba română. Limba română nu este izvor de extraneitate a legii.
absolvent WEB DESIGN Academia Britanică de Comunicare Iasi - absolvent COMUNICARE IN AFACERI Academia Britanica de Afaceri si Comunicare -absolvent JURNALISM EDITORIAL - London School University - 2019 inscris la echivalare diploma la Universitatea Politehnica Timisoara - absolvent studii de Drept Universitatea Europeană Drăgan, cursuri in Drept la Universitatea de Vest Timisoara, absolvent studii de proiectare, pastor coordonator in Biserica Protestanta Evanghelica,
Android Developer pe Google Play și plugin developer la Oxwall, creator de teme Wordpress și Oxwall, operator Wordpress, Drupal, Oxwall, Osclass, Moodle, tehnologii HTML și PHP
The incidental case rate, showing the share of hospital patients who didn’t even know they had Covid, is at its highest level About 52% of people counted as Covid-19 patients in England aren’t actually in the hospital because of the virus. Rather, they were admitted for treatment of other medical conditions and only tested positive […]
A cleaner for Israel’s defense minister has been accused of espionage after allegedly offering to place malware on his boss’ household computer for an Iran-linked hacking group. In a statement on Thursday, the Shin Bet security service said that Omri Goren, a housekeeper for Defense Minister Benny Gantz, and a former bank robber according to […]
The Meta CEO bestowed a new title on his staff to reflect the company’s change of focus Facebook CEO Mark Zuckerberg has told employees they will now be referred to as ‘Metamates’ after the company rebranded itself from Facebook to ‘Meta’ last year. Zuckerberg reportedly announced the change in a virtual meeting with employees on […]
