A New York Times reporter reported that he was 'targeted by the smartphone monitoring software' Pegasus '', could the informant be at risk?



Ben Hubbard, a reporter for the New York Times in the Middle East, reported that his iPhone was infected with the

spyware 'Pegasus' developed by Israeli technology company NSO Group.

I Was Hacked. The Spyware Used Against Me Makes Us All Vulnerable. --The New York Times
https://www.nytimes.com/2021/10/24/insider/hacking-nso-surveillance.html

Breaking the News: New York Times Journalist Ben Hubbard Hacked with Pegasus after Reporting on Previous Hacking Attempts --The Citizen Lab
https://citizenlab.ca/2021/10/breaking-news-new-york-times-journalist-ben-hubbard-pegasus/

'Pegasus' is a 'zero-click attack' that allows the recipient to hack the device without taking any action such as opening the link of the message by sending a message using iMessage, which is a genuine Apple message application. It is a spyware that features. The following article explains in detail what kind of spyware it is.

What is 'Pegasus' spyware that monitors celebrities and politicians around the world via iPhone and Android? --GIGAZINE



In recent years, Hubbard learned of a series of dissident arrests in the Middle East and South America to see if his terminal was hacked and put his informants at risk. We asked Citizen Lab, a security research institute at the University of Toronto, Canada, to investigate. As a result, it was confirmed that his iPhone was infected with Pegasus in June 2021.

Subsequent investigations revealed that Hubbard's iPhone was also attacked by Pegasus in July 2020. According to Citizen Lab Senior Fellow Bill Markzack, the two attacks were the same as the hacks targeting Saudi activists, so they both appear to be attacks by the same organization.

Mr. Hubbard was interviewing Crown Prince Mohammad bin Salman, who is considered to be the de facto ruler of Saudi Arabia, and was writing an article summarizing the results of the interview when he was attacked. Crown Prince Muhammad has been reported to be the mastermind behind the murder of journalist Jamal Khashoggi in Turkey's Consul General of Saudi Arabia in 2018. It is known that Pegasus was also used to hack Khashoggi.

In addition, although there was no evidence of successful hacking, a record of an attack by Pegasus was found on Mr. Hubbard's terminal in 2018 as well. Below is a screenshot of a message sent to Mr. Hubbard's iPhone that appears to be for hacking. The WhatsApp message, written in Arabic, included a statement inviting him to interview the Saudi Arabian Embassy in Washington and a link disguised as the home page of the press.



It is unclear what information was stolen from Mr. Hubbard's iPhone during the 2020 and 2021 hacks, partly because the traces of the intrusion into the device had been erased. As far as Mr. Hubbard knows, there have been no confirmed cases of harm to the informants or stakeholders he has contacted, but 'Hackers have photos, contacts, passwords, text message content, etc.' I think I could have stolen anything, and I could have remotely controlled the microphone and camera of the terminal to eavesdrop and monitor, 'Habard said.

in Mobile,   Software,   Security, Posted by log1l_ks