![]() ![]() The researchers noticed that the software's code referenced an NSO Group product called "Pegasus" in leaked marketing materials. The software can also collect Wi-Fi passwords. The software installs itself and collects all communications and locations of targeted iPhones. According to their analysis, the software can jailbreak an iPhone when a malicious URL is opened. Ĭitizen Lab and Lookout discovered that the link downloaded software to exploit three previously unknown and unpatched zero-day vulnerabilities in iOS. Mansoor sent the link to Citizen Lab of the University of Toronto, which investigated, with the collaboration of Lookout, finding that if Mansoor had followed the link it would have jailbroken his phone and implanted the spyware into it, in a form of social engineering. Arab human rights defender Ahmed Mansoor received a text message promising "secrets" about torture happening in prisons in the United Arab Emirates by following a link. Pegasus's iOS exploitation was identified in August 2016. The company states that it provides "authorized governments with technology that helps them combat terror and crime." NSO Group has published sections of contracts which require customers to use its products only for criminal and national security investigations and has stated that it has an industry-leading approach to human rights. NSO Group developed its first iteration of Pegasus spyware in 2011. Subsequent investigations into Pegasus by Amnesty International, Citizen Lab, and others have garnered significant media attention, most prominently in July 2021 with the release of the Pegasus Project investigation, which centered on a leaked list of 50,000 phone numbers reportedly selected for targeting by Pegasus customers. Ĭyber watchdog Citizen Lab and Lookout Security published the first public technical analyses of Pegasus in August 2016 after they captured the spyware in a failed attempt to spy on the iPhone of a human rights activist. The spyware is named after Pegasus, the winged horse of Greek mythology. While the capabilities of Pegasus may vary over time due to software updates, Pegasus is generally capable of reading text messages, call snooping, collecting passwords, location tracking, accessing the target device's microphone and camera, and harvesting information from apps. Īs of March 2023, Pegasus operators were able to remotely install the spyware on iOS versions through 16.0.3, through a zero-click exploit. While NSO Group markets Pegasus as a product for fighting crime and terrorism, governments around the world have routinely abused the spyware to surveil journalists, lawyers, political dissidents, and human rights activists. Pegasus is spyware developed by the Israeli cyber-arms company NSO Group that is designed to be covertly and remotely installed on mobile phones running iOS and Android. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |