SoylentNews is people

Researchers Call NSO Zero-click iPhone Exploit 'Incredible and Terrifying'

Accepted submission by upstart at 2021-12-18 16:11:50

Researchers call NSO zero-click iPhone exploit 'incredible and terrifying' [engadget.com]:

Google researchers have described NSO Group's zero-click exploit used to hack Apple devices [engadget.com] as "incredible and terrifying," Wired [wired.com] has reported. Project Zero researchers called it "one of the most technically sophisticated exploits we've ever seen" that's on par with attacks from elite nation-state spies.

The Project Zero team said it obtained one of NSO's Pegasus exploits from Citizen Lab, which managed to capture it via a targeted Saudi activist. It also worked with Apple's Security Engineering and Architecture (SEAR) group on the technical analysis.

NSO's original exploit required the user to click on a link, but the latest, most sophisticated exploits require no click at all. Called ForcedEntry, it takes advantage of the way iMessage interprets files like GIFs to open a malicious PDF file with no action required from the victim. It does so by abusing old code from the 1990s that was written to process text in scanner images.

Once inside a device, the malware can set up its own virtualized environment and run JavaScript-like code, with no need to connect to an outside server. From there, it gives an attacker access to a victim's passwords, microphone, audio and more. The exploit is extremely hard to detect and is "a weapon against which there is no defense," Project Zero researchers said.

Apple recently filed a lawsuit [engadget.com] against the group to "hold it accountable" for governments using it to spy on iOS users. Apple alleged that targets are often activists, journalists [engadget.com] and other critics [citizenlab.ca] of regimes that routinely suppress political dissent. It also accused NSO of "flagrant violations" of federal- and state-level laws in the US. Last month, the US Department of Commerce added NSO Group [engadget.com] to its "entity list", essentially banning it for use in the US.
