Google detects one of the biggest spyware threats to iPhone
If you have an iPhone, don’t continue reading these lines without first checking if it’s up to date with your version of iOS 14.8. (September 13, 2021) or later. If you do not have one of these versions, update it immediately. Now find out why: Google’s Project Zero cybersecurity team has revealed a sophisticated way for the Israeli company NSO to deliver Pegasus spyware to Apple mobile phones. The user doesn’t even need to click a link, just send a message to iMessage for the mobile phone spyware to take control. The method may also be used to attack Android phones, but researchers have not yet been able to find an infected terminal to find a solution.
The spyware works without the victim having to click: just send a message to their mobile phone number or AppleID
Project Zero explained that Pegasus’ entry point on the iPhone is Apple’s popular iMessage messenger. A program called ForcedEntry exploits a vulnerability to hack the operating system and “can attack the victim simply by using their phone number or AppleID username”. In this case, it is not even necessary for the user to click on a link. All you have to do is send a message with certain characteristics for the spyware to take over.
This type of software that exploits vulnerabilities in an operating system is called an exploit. ForcedEntry was found by the Citizen Lab research group at the University of Toronto. The experts at Project Zero were amazed by its features: “Based on our research and discoveries, we consider this to be one of the most technologically advanced feats we have ever seen, demonstrating that the capabilities it offers to the NSO rival those previously thought accessible only to a handful of nation states.” .
NSO took advantage of the way iMessage interpreted certain files like GIFs until last September
Technically, what ForcedEntry does is take advantage of the way iMessage interprets files as GIFs until last September. By means of a wrong file identified as if it was one of those images, it manages to get into the operating system and install the code needed to perform a complete phone spying operation.
As Project Zero explains, NSO provides spyware solutions that “allow actors in countries without their own offensive cyber capabilities to ‘pay-per-play,’ significantly expanding the number of countries with such cyber capabilities.”
Among the dozens of cases of espionage with Pegasus, the case of Minister Roger Torrent when he was Speaker of Parliament.
Among the dozens of known cases, the espionage with Pegasus of the current Minister of Business and Labor, Roger Torrent, when he was president of the Parliament of Catalonia and former Esquire MP Ernest Marajal. Project Zero mentioned that hack by the Saudi regime for journalist New York times Ben Hubbard, spying for human rights defenders in Morocco and Bahrain, in addition to other attacks on Amnesty International members.
The United States last month included NSO on a list of foreign companies that engage in “malicious cyber activities,” severely restricting the ability of American companies to do business with it. In a statement, the federal government emphasized that “NSO’s tools have allowed foreign governments to carry out cross-border repression, which is the practice of authoritarian governments to attack dissidents, journalists, and activists outside their sovereign borders to silence dissent.”
Apple sued NSO last month for a court ban from using its software on any of its devices.
Last November, Apple filed a lawsuit against NSO Group and its parent company for using the Pegasus spyware. Apple NSO holds responsibility for user monitoring and selection and requires a court to prohibit use of any Apple software, service, or device. The California technology company said, in a statement, that the Israeli company has a “history of misusing this spyware to attack journalists, activists, dissidents, academics, and government officials.”
“Pop culture advocate. Troublemaker. Friendly student. Proud problem solver.”