Google reveals how spyware took down the iPhone’s security stronghold – LLODO

Pegasus spyware, developed by Israel’s NSO Group, has been used by several governments around the world to spy on journalists, activists, opposition leaders, ministers, lawyers and others. others. This spyware allegedly infiltrated the phones of at least 180 journalists around the world.

Google reveals how spyware took down the iPhone's security stronghold - Photo 1.

Recently, Google’s Project Zero team has revealed how this software attacks the iPhone. Project Zero has called attacks using Pegasus a highly sophisticated technical exploit and rates the software as comparable to previous spyware, believed to be accessible only by a few countries. .

According to Project Zero, Pegasus attacks on iPhones are possible due to the ForcedEntry exploit. NSO hackers took advantage of how iMessage handles GIF images to insert PDF files into iPhones, disguised as GIF images. Then, a vulnerability in the compression engine used to process text in images, was exploited by this software.

Google reveals how spyware took down the iPhone's security stronghold - Photo 2.

Once inside the iPhone, the malware can set up its own virtualized environment and run javascript-like code without connecting to an external server. Virtual environments make detecting attacks more difficult.

Pegasus can do it all without any action from the user, hence it is called a “zero-click” attack. This software only needs a phone number or Apple ID to send malicious files and then infiltrate the iPhone. As soon as the iPhone received the message, the hack worked without the user being aware of its presence on his device.

Researchers at Google’s Project Zero have described the NSO Group’s hack on the iPhone as “astonishing and terrifying”.

NSO has also faced numerous lawsuits, with Apple also suing the Israeli company after releasing patches and notifying customers. They were also banned in the US after the details of the spyware were revealed.

Reference: BINH


Link Hoc va de thi 2021

Chuyển đến thanh công cụ