What is 'Pegasus' spyware that monitors celebrities and politicians around the world via iPhone and Android?



Israeli security companies · NSO Group software for smart phones monitoring developed by 'Pegasus', and has been used to monitor the 180 or more people of journalists in 20 countriesbeen reported but has gradually revealed the details It has become.

Apple iPhones were successfully hacked by NSO's Pegasus surveillance tool --The Washington Post
https://www.washingtonpost.com/technology/2021/07/19/apple-iphone-nso/

Zero-click iMessage exploit was used to spy on journalists
https://www.xda-developers.com/zero-click-imessage-exploit-was-used-to-spy-on-journalists/

Apple iPhones can be hacked even if the user never clicks a link, Amnesty International says
https://www.cnbc.com/2021/07/19/apple-iphones-can-be-hacked-even-if-the-user-never-clicks-a-link-amnesty-international-says.html

What is Pegasus spyware and how does it hack phones? | Surveillance | The Guardian
https://www.theguardian.com/news/2021/jul/18/what-is-pegasus-spyware-and-how-does-it-hack-phones

'Pegasus' is a spyware that monitors smartphones equipped with iOS and Android, but in the case of iOS, it invades the iPhone by using the zero-day vulnerability that exists in iMessage, Apple's genuine messaging app.

According to an independent survey by the Pegasus Project, a global consortium with more than 80 journalists from 17 media outlets in 10 countries, the Pegasus is an iPhone 12 Pro Max with iOS 14.6. It is said that it has been found in various versions of iOS 14 or later, such as iPhone SE with iOS 14.4 (2nd generation) and iPhone SE with iOS 14.0.1 (2nd generation).

As of 2020, the spyware 'Pegasus' was targeting iPhones with iOS 13. As of 2020, 'Pegasus' used the same iMessage vulnerability as the latest version, but it was revealed that it used the zero-click exploit at that time. In other words, 'Pegasus' that targets iOS 13 devices and 'Pegasus' that targets iOS 14 devices are technically very different.

As of December 2020, 'Pegasus', which targets iOS 13 devices, was reported.

Journalists hacked by government for 'zero-click vulnerability' hidden in iPhone iMessage-GIGAZINE



The reason why we had to change the vulnerability used by 'Pegasus' is that iOS 14 introduced a security measure called 'Blast Door'. 'Blast Door' is a security sandbox that effectively analyzes applications, detects unreliable data, and prevents interactions between applications. 'Blast Door' targets iOS 13 devices Since 'Pegasus' succeeded in preventing the zero-click exploit that was being exploited, the developer NSO Group uses another vulnerability to target iOS 14 devices. I had no choice but to create 'Pegasus'.

The Washington Post discovered that the iPhone 11 owned by Claude Mangin, wife of a political activist imprisoned in Morocco, was infected with 'Pegasus,' which targets iOS 14 devices. We are independently investigating whether it works in a way that works. It seems that it was not possible to identify whether the data was stolen by investigating the terminal, but 'Pegasus' is mail, call history, posting on social media, password, contact information, photos, movies, recording files, It is clear that we are collecting data such as browsing history. In addition, it is also possible to enable the camera and microphone without permission, intercept the contents of calls and voice mails, and collect location information.

In the case of Mr. Mangin, it seems that he was infected with 'Pegasus' from an email sent from a Gmail user named 'Linakeller 2203'. Mr. Mangin's iPhone 11 was infected with 'Pegasus' around October 2020, and it is reported that the terminal was hacked many times between this time and June 2021.

To temporarily remove 'Pegasus' from an infected iOS device, just restart your iPhone. 'When I restart my iPhone, Pegasus won't be activated until a zero-click attack occurs,' tweeted Bill Marczak of Citizen Lab, a security lab. However, it has also been reported that the detection of 'Pegasus' has become extremely difficult.



'Apple is a better place for journalists, human rights activists and the world,' said Ivan Krstić, director of security engineering and architecture at Apple, in response to reports that Pegasus is being used to monitor iOS devices. Clearly condemns cyberattacks against anyone trying to make it. Apple has been an industry leader in security innovation for over a decade, and as a result, security researchers say the iPhone is the safest consumer device on the market. I agree that it's a mobile device. The reported cyberattacks are very sophisticated, cost hundreds of millions of dollars to develop, and are often used to target specific individuals. That's what it is, which means it's not a threat to the overwhelming majority of users, but we're constantly working to protect all users, to protect their devices and data. We will continue to add new measures to the above. '

Apple just released iOS 14.7 on July 20, 2021 and announced a security update at the same time, but since details have not been disclosed, it is an article whether this update is related to 'Pegasus' Unknown at this time.

In addition, it is clear that the NSO Group, the developer of 'Pegasus', has monitored journalists, lawyers, activists, prosecutors, diplomats, teachers, judges, scholars, politicians, etc. Rahul Gandhi , a new political rival to Indian politician and Prime Minister Narendra Modi, has been monitoring the new Mexican President Andres Manuel Lopez Obrador and 50 of his associates. It is known that such items were also monitored.

Former NSA employee Edward Snowden, who exposed the reality of global surveillance by the U.S. government, said that spyware such as 'Pegasus' would 'if it doesn't work to ban the trade in this type of technology, it will monitor. It's not just about tens of thousands of targets, it's going to grow to tens of millions. This will happen much sooner than we can imagine, 'he said. He insists that measures should be taken to stop the spread of spyware.

in Mobile,   Software,   Security, Posted by logu_ii