What happened?
A spyware snooping around in the iPhone and iPad has been discovered by security researchers at the Citizen Lab and Lookout.
It is believed to have been used for at least two years, but have been discovered until 10 August when a human rights activist noticed a strange text message to their phone. Shortly after tip was Apple, and the company has now released an update of iOS (9.3.5), which makes it impossible to use the Trojan.
Who is behind the spyware?
The program will according to Citizen Group have been developed by the Israeli company NSO Group, selling hacking tools to government intelligence agencies. They have great similarities with companies Hacking Team or VUPEN and are in a legal gray area which is of unknown vulnerabilities in software.
According to a statement to the New York Times sells just tools to “authorized bodies” who use them to “prevent and investigate crimes,” but it is obviously difficult to control.
Read also: iPhone 7 expected to provide much needed boost to the smartphone market
the program found on the iPhone called Pegasus, and is a kind of trojan that monitors virtually everything that happens on the phone. It can log phone calls, keystrokes, audio and video and everything else that a hacker might be interested to get your hands on. It is also capable of spying on the messaging software and social media such as iMessage, Gmail, Viber, Facebook, Whatsapp, Telegram and Skype.
Pegasus uses three previously unknown security holes, so-called zero-days, for to unnoticed able to infect the target. The Trojan spreads via SMS messages from fake sender that contains links to malicious sites. It is enough to click on the link for the phone to be infected.
The trade in security is a lucrative industry, the price of one such bug can go up to a million dollars.
the tool also cost huge sums to buy into. According to Lookout, the authorities bought it paid about eight million, close to 70 million, for 300 licenses – that is, over 200 000 for each infected phone. Pegasus is believed to have been on the market in about two years.
Who suffered?
The Trojan was discovered when someone tried to infect a phone belonging to human rights activist Ahmed Mansoor. He showed off a strange text message with a suspicious link for Citizen Lab, which analyzed the content together with the security company Lookout and found the spyware.
According to the New York Times is affected mostly dissidents, human rights activists and journalists working in countries Yemen, Turkey, Mozambique, Mexico, Kenya and the United Arab Emirates.
Read also: Analysis of the NSA’s alleged cyber weapons – so you know if your company is exposed to an attack
There are no indications that there should have been no mass surveillance with the help of the program. It is even less likely if the price tag is correct, it costs over SEK 200 000 to purchase a single installation of Pegasus, according to Lookout.
What should you do?
Take it easy, and update your phone. If you have not worked in the States that monitors human rights activists is the risk that you have suffered little.
“We recommend all customers to always download the latest version of IOS to guard against potential security threats,” says Apple spokesman Fred Sainz to the New York Times.
the latest version of IOS 9.3.5 and where Apple has removed the bugs in the code that NSO Group utilized to their spyware. Do you drive it, or a later version, your phone secured from this spyware.
No comments:
Post a Comment