Pegasus spyware hacking: report shows latest iPhone running iOS 14 may be attacked by zeroclick iMessage vulnerability

According to the researchers, the iPhone's zeroclick vulnerability was used to install Pegasus.

Monday, 19th July 2021

Once again, the Israeli company NSO Group that makes Pegasus spyware is in trouble. The software was used to spy on a large group of people because their mobile phone numbers were found in a leaked database. NSO Group's spyware has become known for providing back doors to target entities' mobile phones. Both Android and iPhone are targeted, but the latter is easier to monitor through Pegasus. And, according to a report, Apple's zero-click vulnerability in iMessage made this job easier.

Amnesty International worked with the Pegasus Project to discover the leaked database. The Pegasus Project, a consortium of news organizations that saw the leaked database, refutes the NSO Group's claim that Pegasus is used to investigate crimes and terrorism-related cases without leaving a trace. Amnesty International's Security Laboratory conducted an in-depth forensic analysis on multiple mobile phones of human rights defenders and journalists around the world and found that monitoring of Pegasus not only violated user privacy but also violated human rights.

According to Amnesty International's Forensic Method report, Apple's iPhone is the easiest to snoop around with Pegasus software. The leaked database shows that the iPhone running iOS 14.6 contains a clickless iMessage vulnerability, which can be used to install Pegasus software on the target entity's iPhone device. This vulnerability was previously discovered by Citizen Labs. It is called KISMET, and it allows Pegasus software to be installed for comprehensive monitoring. The vulnerability has been patched by an emergency software update released by Apple, but it appears to be inactive until zero clicks are triggered.

Also Read: TCL Launches India’s First Video Call QLED 4K TV.

Citizen Lab researcher Bill Marczak said that even after the patch is released, Apple still has major problems with iMessage security, and the patch incorporates the BlastDoor framework as part of the iOS 14 update. It is difficult to install Pegasus spyware. However, the BlastDoor framework may not work as expected. Example: The new Pegasus surveillance scandal involves not only well-known journalists from all over the world but also ministers and other well-known entities. The researchers pointed out that spyware installed through the zero-click vulnerability is no longer "persistent."

According to Marczak, Apple's use of the sandbox in iMessage alone does not solve the problem that the BlastDoor framework should be ideal. This means that the BlastDoor attribute will be weakened by the sandboxing process, allowing access to zero-click vulnerabilities. "How about:" Doesn't it automatically perform extremely complex and erroneous analysis of the data sent by strangers to your phone? "Mark Zak said in a tweet. The leaked target iPhone database contains call logs, and Pegasus can recover them by analyzing JPEG and GIF images and exploiting ImageIO vulnerabilities in iOS 13 and iOS 14. Marczak said there are "a dozen" serious bugs in ImageIO's Manzana.

Pegasus raised several questions, especially when the customers using it involve governments around the world. WhatsApp has criticized the tools provided by NSO Group for making privacy very unimportant. But a bigger problem looms over Apple's claim that it has proven time and again how the iPhone is the epitome of user privacy. If a single zero-click vulnerability can enable mass surveillance, imagine what other vulnerabilities can do. Apple has not issued a statement about the incident.

The News Talkie Bureau

Source:

India Today