


Similar articles
Article Id Title Prob Score
212207 ARSTECHNICA 2021-7-19:
“Clickless” exploits from Israeli firm hacked activists’ fully updated iPhones
1.000
212165 TECHREPUBLIC 2021-7-20:
Your iPhone and the Pegasus spyware hack: What you need to know
0.710 0.606
212421 ZDNET 2021-7-19:
NSO Group's Pegasus spyware used against journalists, political activists worldwide
0.597 0.554
212283 ARSTECHNICA 2021-7-20:
Apple under pressure over iPhone security after NSO spyware claims
0.336 0.487
212620 ZDNET 2021-7-22:
Modi government accused of spying on critics and opponents using Pegasus spyware
0.486
212411 ZDNET 2021-7-16:
Microsoft points the finger at Israeli spyware seller for DevilsTongue attacks
0.399
212004 ZDNET 2021-7-16:
Toddler mobile banking malware surges across Europe
0.393
212524 ARSTECHNICA 2021-7-21:
Home and office routers come under attack by China state hackers, France warns
0.378
212428 ZDNET 2021-7-19:
DOJ charges four members of Chinese government hacking group
0.358
212194 ARSTECHNICA 2021-7-19:
US warns China over state-sponsored hacking, citing mass attacks on Exchange
0.350
211992 ZDNET 2021-7-16:
Chinese APT LuminousMoth abuses Zoom brand to target gov't agencies
0.350
212529 ARSTECHNICA 2021-7-21:
CIA officer from bin Laden hunt to lead Havana Syndrome probe as cases rise
0.350
212426 ZDNET 2021-7-19:
UK and White House blame China for Microsoft Exchange Server hack
0.346
212424 ZDNET 2021-7-19:
Kaseya ransomware attack FAQ: What we know now
0.345
212521 THEVERGE 2021-7-22:
19 days after REvil’s ransomware attack on Kaseya VSA systems, there’s a fix
0.343
212543 ARSTECHNICA 2021-7-22:
Saudi Aramco confirms data leak after $50 million cyber ransom demand
0.337
212570 ARSTECHNICA 2021-7-22:
Kaseya gets master decryptor to help customers still suffering from REvil attack
0.331
212420 ZDNET 2021-7-19:
Windows 10 security: Here's how researchers managed to fool Windows Hello
0.328
212596 ZDNET 2021-7-22:
1,000 GB of local government data exposed by Massachusetts software company
0.320
212231 ZDNET 2021-7-21:
Best encrypted messaging app 2021: Chat privately
0.318
212601 ZDNET 2021-7-22:
Saudi Aramco denies breach after hackers hawk stolen files
0.310
212525 TECHREPUBLIC 2021-7-22:
How cyberattacks exploit known security vulnerabilities
0.302
212495 ARSTECHNICA 2021-7-21:
Report: Apple will introduce a new iPhone SE with A15, 5G in early 2022
0.299
212303 ARSTECHNICA 2021-7-20:
The MAGA-targeted “Freedom Phone” has a breathtaking amount of red flags
0.298
212431 ZDNET 2021-7-19:
Law firm for Ford, Boeing, Exxon, Marriott, Walgreens, and more hacked in ransomware attack
0.295


ID: 212207

URL: https://arstechnica.com/gadgets/2021/07/clickless-exploits-from-israeli-firm-hacked-activists-fully-updated-iphones/

Date: 2021-07-19

“Clickless” exploits from Israeli firm hacked activists’ fully updated iPhones

NSO Group says its spyware targets only criminals and terrorists. Critics disagree.

Smartphones belonging to more than three dozen journalists, human rights activists, and business executives have been infected with powerful spyware that an Israeli firm sells, purportedly to catch terrorists and criminals, The Washington Post and other publications reported.

The handsets were infected with Pegasus, full-featured spyware developed by NSO Group. The Israel-based exploit seller has come under intense scrutiny in recent years after repressive governments in the United Arab Emirates, Mexico, and other countries have been found using the malware against journalists, activists, and other groups not affiliated with terrorism or crime.

Pegasus is frequently installed through zero-click exploits, such as those sent by text messages, which require no interaction from victims. After the exploits surreptitiously jailbreak or root a target's iPhone or Android device, Pegasus immediately trawls through a wealth of the device's resources. It copies call histories, text messages, calendar entries, and contacts. It is capable of activating the cameras and microphones of compromised phones to eavesdrop on nearby activities. It can also track a target's movements and steal messages from end-to-end encrypted chat apps.

According to research jointly done by 17 news organizations, Pegasus infected 37 phones belonging to people who don't meet the criteria NSO says is required for its powerful spyware to be used. Victims included journalists, human rights activists, business executives, and two women close to murdered Saudi journalist Jamal Khashoggi, according to The Washington Post. Technical analysis from Amnesty International and the University of Toronto's Citizen Lab confirmed the infections.

“The Pegasus attacks detailed in this report and accompanying appendices are from 2014 up to as recently as July 2021,” Amnesty International researchers wrote. “These also include so-called zero-click attacks which do not require any interaction from the target. Zero-click attacks have been observed since May 2018 and continue until now. Most recently, a successful zero-click attack has been observed exploiting multiple zero-days to attack a fully patched iPhone 12 running iOS 14.6 in July 2021.”

All 37 infected devices were included in a list of more than 50,000 phone numbers. It remains unknown who put the numbers on it, why they did so, and how many of the phones were actually targeted or surveilled. A forensic analysis of the 37 phones, however, often shows a tight correlation between time stamps associated with a number on the list and the time surveillance began on the corresponding phone, in some cases as brief as a few seconds.

Amnesty International and a Paris-based journalism nonprofit called Forbidden Stories had access to the list and shared it with the news organizations, which went on to do further research and analysis. Reporters identified more than 1,000 people in more than 50 countries whose numbers were included on the list. Victims included Arab royal family members, at least 65 business executives, 85 human rights activists, 189 journalists, and more than 600 politicians and government officials—including cabinet ministers, diplomats, and military and security officers. The numbers of several heads of state and prime ministers also appeared on the list.

The Guardian, meanwhile, said 15,000 politicians, journalists, judges, activists, and teachers in Mexico appear on the leaked list. As detailed here, hundreds of journalists, activists, academics, lawyers, and even world leaders appear to have been targeted. Journalists on the list worked for leading news organizations, including CNN, the Associated Press, Voice of America, The New York Times, The Wall Street Journal, Bloomberg News, Le Monde in France, the Financial Times in London, and Al Jazeera in Qatar.

“The targeting of the 37 smartphones would appear to conflict with the stated purpose of NSO's licensing of the Pegasus spyware, which the company says is intended only for use in surveilling terrorists and major criminals,” Sunday's Washington Post said. “The evidence extracted from these smartphones, revealed here for the first time, calls into question pledges by the Israeli company to police its clients for human rights abuses.”

NSO officials are pushing back hard on the research. In a statement, they wrote:

“The report by Forbidden Stories is full of wrong assumptions and uncorroborated theories that raise serious doubts about the reliability and interests of the sources. It seems like the unidentified sources have supplied information that has no factual basis and [is] far from reality. After checking their claims, we firmly deny the false allegations made in their report. Their sources have supplied them with information which has no factual basis, as evident by the lack of supporting documentation for many of their claims. In fact, these allegations are so outrageous and far from reality that NSO is considering a defamation lawsuit.

“NSO Group has a good reason to believe the claims that are made by the unnamed sources to Forbidden Stories are based on [a] misleading interpretation of data from accessible and overt basic information, such as HLR Lookup services, which have no bearing on the list of the customers' targets of Pegasus or any other NSO products. Such services are openly available to anyone, anywhere, and anytime and are commonly used by governmental agencies for numerous purposes, as well as by private companies worldwide. The claims that the data was leaked from our servers is a complete lie and ridiculous, since such data never existed on any of our servers.”

In its own statement, Apple officials wrote:

“Apple unequivocally condemns cyberattacks against journalists, human rights activists, and others seeking to make the world a better place. For over a decade, Apple has led the industry in security innovation and, as a result, security researchers agree iPhone is the safest, most secure consumer mobile device on the market. Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals. While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data.”

Researchers at the time determined that text messages sent to UAE dissident Ahmed Mansoor exploited what were three iPhone zero-day vulnerabilities to install Pegasus on his device. Mansoor forwarded the messages to Citizen Lab researchers, who determined that the linked webpages led to a chain of exploits that would have jailbroken his iPhone and installed the Pegasus spyware.

In 2019, Google's Project Zero exploit research team found NSO exploiting zero-day vulnerabilities that gave full control of fully patched Android devices. Days later, Amnesty International and Citizen Lab disclosed that the mobile phones of two prominent human rights activists were repeatedly targeted with Pegasus. That same month, Facebook sued NSO, allegedly for attacks that used clickless exploits to compromise WhatsApp users' phones. Last December, Citizen Lab said a clickless attack developed by NSO exploited what had been a zero-day vulnerability in Apple's iMessage to target 36 journalists.

The exploits that NSO and similar firms sell are extremely complex, costly to develop, and even more expensive to purchase. Smartphone users are unlikely to ever be on the receiving end of one of these attacks unless they are in the crosshairs of a wealthy government or law enforcement agency. People in this latter category should seek guidance from security experts on how to secure their devices.