[ad_1]
published photo, Reuters
Pegasus can hack phones and transfer the data they contain without the need for user interaction
Apple has released an urgent update to the security protection settings for its devices, following reports of new spyware believed to be owned by Israeli company NSO. Citizen Lab, an independent cybersecurity watchdog, said last week it found the malware on the phone of a Saudi opposition activist.
Researchers claim that this software is used by NSO to extract data and remotely control devices.
Citizen Lab said the Israeli company has developed a tool that makes it possible to hack phones in an unprecedented way that no one has used before, suggesting that this tool already started to be used last February.
The significance of this discovery lies in the nature of the electronic vulnerability caused by this dangerous malware known as “Pegasus”, as it does not require any interaction from the phone user to be penetrated. This tool can also hack all operating systems developed by Apple, the maker of the iPhone, including iOS, OSX and watchOS, except those which are updated on Monday.
The tool, developed by the Israeli company, goes beyond the security systems that Apple has developed in recent years.
Apple announced that it has already started patching the vulnerability in its operating systems, which allegedly allowed an Israeli company to hack iPhones with the Pegasus malware.
Apple said it fixed the vulnerability in a software update on Monday. “After learning of the vulnerability exploited through the iMessage app, Apple has come up with a quick fix for iOS 14.8 to protect our users,” said Apple’s chief cybersecurity design and engineering.
He added: “Such attacks are very complex and require millions of dollars to perform, and often cannot continue to penetrate operating systems for a long time, and are used to target specific people.”
He continued, “While these attacks do not pose a threat to the vast majority of our users, Apple continues to work tirelessly to defend all users of its phones and software, and we provide ongoing protections for devices and devices. data.”
“We can confirm that the NSO group that develops spyware exploited a vulnerability to penetrate iPhones with its Pegasus malware,” Citizen Lab said.
published photo, EPA
Pegasus software has targeted important international figures such as French President Emmanuel Macron
“Rescue technology”
An Apple spokesperson declined to say whether Israeli company NSO was behind the tool that can be used to hack iPhone smartphones produced by the American company.
In a statement sent to Reuters, Israel’s ONS did not confirm whether it was the root of the breach or not, but said: “We will continue to provide intelligence and enforcement agencies with information. worldwide law of vital technologies to fight terrorism and crime. “
Citizen Lab said it discovered the malware on the phone of a Saudi activist who was attacked with spyware in February, but confirmed that it did not know how many phones could have been affected by the attacks.
Hacking the phone using this software does not require the user to press anything, and the researchers also confirmed that there was no visible sign that the phone had been hacked.
The vulnerability used to penetrate Apple phones is in the iMessage app that automatically displays images, an app that has been repeatedly exposed to the target of NSO and other spyware-developing companies, which prompted Apple to update the operating system of his phones, but he was not able to ensure its full protection.
“Chat apps are the most important security weakness of any communication device, so their security should be a priority,” said John Scott Railton, cybersecurity researcher at the Citizen Lab monitoring group.
The US Cyber Security Agency has not commented on what Citizen Lab has revealed so far.
published photo, Getty Images
FBI Investigates Alleged NSO or International Standards Violations
Pegasus
The watchdog group said there are many details in common between the hacking method it recently discovered and hacking operations conducted by NSO previously, including previously unannounced attacks. The method of handling the hack code, nicknamed “Setframed” used in the hack discovered by Citizen Lab, was the same as that used to handle the hack code that was exposed to a phone used by an Al Jazeera reporter in 2020.
This year has seen the unveiling of a record number of cyberattack methods, valued at around $ 1 million and above. The term “zero-day” is now used to describe this software because it does not give the companies it targets any notification of a cyber attack.
The Pegasus hacking software became more efficient and powerful than it was five years ago when it was discovered by the Citizen Lab watch group and the Lookout Foundation, both concerned with cybersecurity.
Pegasus is distinguished by the fact that it does not need any user interaction to function, as it works without the need to click on links, enter pages or run. electronic applications, which gives him the possibility of working in silence. without any indication on the hacked device that it was attacked by this software.
Pegasus can also turn a smartphone’s camera into a microphone and collect data on the phone.
Although he claims Soo studies the situation of governments to which he sells spyware, Pegasus spyware has been found on the phones of activists, journalists and dissidents in countries with poor human rights. .
The FBI is investigating NSO and Israel has set up an inter-ministerial committee to investigate allegations that the company violated international standards.
An international investigative report released last July indicated that a large number of governments have used Pegasus, which is developed by the Israeli company NSO, to spy on activists, journalists and politicians.
United Nations experts have demanded that sales of surveillance technologies be halted until rules are in place to protect the human rights of those technologies, after the discovery of the Israeli spyware scandal.
Source link
