One of the most technically sophisticated exploits.
Pegasus spyware from NSO Group, an Israel-based cyber security company, has been used to hack iPhones of a dozen U.S. diplomats. The revelation comes a month after U.S. officials blacklisted the NSO Group after a report that its foreign government clients used the software to spy over rivals, political activists, human rights workers and others.
Google has published a blog post explaining how the spyware was used for hacking into iPhones without users’ knowledge.
Google’s Project Zero team has posted the blog, and it calls it “one of the most technically sophisticated exploits”. The blog post says that the spyware is very sophisticated and indicates that what was available to a handful of nations and their governments is now openly accessible to many.
The blog also has explained how the spyware gets into your phone. Earlier, the one-click phishing route was used to hack into your phone. But now, NSO offers its clients zero-click exploitation technology, which requires no clicking of a phishing message. Instead, the hack works silently in the background. “Short of not using a device, there is no way to prevent exploitation by a zero-click exploit; it’s a weapon against which there is no defense,” Google wrote in the post.
The hack rides on the back of GIF files in iMessage to target users. The GIF is used to sneak in a PDF file into an iPhone. Then the PDF file targets images and texts and virtually builds a parallel command center to carry out spying over all your computer or device activities.
The hackers need either the phone number or Apple ID of the user to hack into the system silently.
The positive is that Apple has been quick to respond to this vulnerability and fixed it with an iOS update released on September 13, 2021. Apple began alerting people who were potential targets and sued the company, seeking to prevent it from using Apple products in the future.
An investigation into the NSO group by The Washington Post and some others brought to light that U.S. diplomats and other embassy employees were at risk of being targeted by the spyware Pegasus, especially via their phone activities.
The easy availability of such spyware highlights the national security risks posed by the unregulated global spyware market, which has become easily accessible to clients who might use it for spying and other fraudulent activities. The National Security Council said in a statement Friday, “We have been acutely concerned that commercial spyware like NSO Group’s software poses a serious counterintelligence and security risk to U.S. personnel, which is one of the reasons the Biden-Harris Administration has placed several companies involved in the development and proliferation of these tools on the Department of Commerce’s Entity List.”
The U.S. Commerce Group has blacklisted NSO Group and another Israeli company, Candiru. U.S. companies are prohibited from doing business with companies on the list, which in recent years has been dominated by Chinese companies.