Pegasus Spyware from NSO Group can enter cloud services and transmit user data to the server




The NSO group logo on a building in Herzliya, Israel, in 2016 (the company has since moved).
Photo: Daniella Cheslow (AP)

The powerful Pegasus malware of the Israeli company NSO Group, the same spyware involved in a breach of WhatsApp earlier this year, is able to retrieve a target's data from the servers of Apple, Google, Amazon, Facebook and Microsoft, according to a report published in the Financial Times on Friday.

According to the Times, "people familiar with its sales pitch" as well as disclosed sales documents show that the parent company of the NSO Group, Q-Cyber, claims that Pegasus has the ability to copy authentication keys for services like Google Drive, Facebook Messenger and iCloud from an infected phone to a web server that can then independently download the target's complete history. The paper wrote that the documents advertise the feature as allowing continued access to data stored on the servers of technology giants, access that persists beyond the Pegasus infection on the phone itself (presumably until the authentication key in question is invalidated):

According to the documents, it works on all devices that can be infected with Pegasus, including most of the latest iPhones and Android smartphones, and allows permanent access to data downloaded to the cloud from laptops, tablets and phones, even if Pegasus is removed from the originally targeted smartphone.

An introductory document from NSO's parent company, Q-Cyber, prepared for the Ugandan government early this year, announced Pegasus' ability to "retrieve the keys that open the safes in the cloud" and to "extract synchronization and extract data".

The documents boast of having access to a "cloud endpoint", allowing access "beyond the content of smartphones," writes the Times.

Amazon said that there was no evidence that its servers had been breached, as did Google, according to the newspaper. Facebook said it was reviewing the claims, while Microsoft said its security tools "were evolving continuously" and Apple noted that while "expensive tools may exist to conduct targeted attacks," it does not "believe that they are useful for widespread attacks against consumers".

An NSO spokesman told The Times: "We do not supply or commercialize any type of hacking capabilities or bulk collection of applications, services or infrastructure in the cloud," without, however, denying having developed this feature.

The WhatsApp breach is a notable example of a "zero day," as it was able to infect a targeted device simply by sending it a link that did not even need to be clicked to deliver its malware payload. The NSO Group did not deny that it was behind the attack and the Justice Department is currently conducting an investigation, according to the Times.

The NSO Group has always denied having sold its products to governments for any purpose other than legitimate law enforcement and intelligence operations. Researchers at the Toronto-based Citizen Lab, however, have identified its tools in use in dozens of countries, including in the targeting of Omar Abdulaziz, a Saudi dissident living in Canada as part of an asylum program. Abdulaziz was in contact with fellow dissident Jamal Khashoggi before Khashoggi was lured to the Saudi Arabian consulate in Turkey, tortured and murdered last year.

Citizen Lab and Mexican NGOs also reported that the Mexican government had used Pegasus to illegally spy on journalists, lawyers and activists, and that the NSO Group has allegedly sold its tools to a number of autocratic regimes. Its founder and CEO, Shalev Hulio, has justified his attacks on lawyers and journalists. The company faces numerous lawsuits in Israel and Cyprus for alleged abuse of its espionage tools.

As noted by the Next Web, cloud adoption around the world is accelerating at a rapid pace, which makes vulnerabilities such as the one identified in the Times critical. Cybersecurity company Check Point recently identified unauthorized access to the cloud and accounts as one of the biggest exploits of cloud services, while two-step password-free authentication could be a way to protect cloud customers against such attacks, the Next Web said.

[Financial Times]