The Israeli security firm NSO Group, which offers spyware to governments and intelligence agencies, has been using a tool since February that allowed to infect Apple devices with its Pegasus code without the need for the user to click on a malicious link or take any action. To achieve this, according to
highlights the cybersecurity company Citizen Lab, which is what discovered a few months ago the vulnerability in the mobile phone of an activist from Saudi Arabia, they used a bug in the iMessage messaging platform. According to the firm, the problem -which has already been solved by Apple through an update- affected all versions of iOS, OSX and watchOS of Apple’s technology.
“Thanks to this vulnerability, it was possible to practically take possession of the device,” Josep Albors, head of research and awareness at the cybersecurity company ESET, explains in conversation with ABC. The expert highlights, in this regard, that taking advantage of the vulnerability, Pegasus – the spy code developed by NSO Group and that already has been used in recent years to ‘hack’ the terminals of tycoons, like Jeff Bezos, or politicians, like Roger Torrent– “it is possible to monitor messages, calls or user contacts”. Practically, for the person who controls the spyware, it’s like having your mobile in your hand.
A very advanced attack
To exploit the vulnerability, NSO Group It served by sending a file in GIF format through iMessage. As we explained, according to Citizen Lab, the user would not have to ‘click’ anywhere for the terminal to suffer the infection. Be that as it may, this is not the first time that the Israeli company exploits a vulnerability using this technique, which is one of the most advanced and complex that currently exists.
“It is one of the most coveted ‘exploits’ on the market,” ethical hacker Deepak Daswani told this newspaper. “A vulnerability that you can exploit without the need for the victim to click anywhere is very valuable. It is not something that just anyone can do. It is usually present in highly targeted attacks, ”he completes.
Apple, meanwhile, states that the vulnerability in iMessage has already been fixed; therefore, NSO Group will not be able to continue using it to exploit terminals. “After identifying the vulnerability used by this exploit for iMessage, Apple quickly developed and implemented a solution in iOS 14.8 to protect our users,” they explain from technology to ABC.
The Californian company, which today presents the iPhone 13, recalls, in turn, that these threats do not affect the bulk of users. On the contrary, they are developed to access the information of very specific people. “Attacks such as those described are highly sophisticated, cost millions of dollars to develop, often have a short lifespan, and are used to target specific individuals. While that means that they are not a threat to the vast majority of our users, we continue to work tirelessly to defend all our customers and constantly add new protections for their devices and data, “they point out in this regard from technology.
This is not the first time that NSO Group has attracted attention. The company claims that its spyware is intended to “combat pedophilia, drug trafficking, the human trade, locate survivors after a disaster, and protect space from dangerous drones.” However, this is not always true.. Last June, a study coordinated by the non-profit platform Forbidden Stories pointed out that, since 2016, 50,000 people globally had been selected for the at least 11 countries that ‘rent’ the Pegasus code to be spied on. Among them, politicians, journalists, officials, businessmen, activists and union leaders, as well as other personalities.