It’s been revealed that NSO’s Pegasus hacked the iPhone of an award-winning journalist, just weeks after Apple sought an injunction that would bar the company from targeting iPhone users.
NSO’s Pegasus software is so dangerous for two reasons. First, it gives access to almost all the data on the phone, including messages, photos, and location. Second, it works via a zero-click approach …
Most malware relies on fooling a phone user into clicking on a link, which security-savvy people will never do. But a zero-click exploit installs malware simply by sending the payload as a message; no user interaction is required. Pegasus allows zero-click attacks to be carried out.
Pegasus has been used to target journalists, lawyers, human rights activists, and political opponents. TechCrunch reports on the latest case to come to light.
Investigators say they have found evidence that a Jordanian journalist and human rights defender’s iPhone was hacked with the Pegasus spyware just weeks after Apple sued the spyware’s maker NSO Group to stop it from targeting Apple’s customers.
Award-winning journalist Suhair Jaradat’s phone was hacked with the notorious spyware as recently as December 5, 2021, according to an analysis of her phone by Front Line Defenders and Citizen Lab that was shared with TechCrunch ahead of its publication. Jaradat was sent a WhatsApp message from someone impersonating a popular anti-government critic with links to the Pegasus spyware, compromising her phone. According to the forensic analysis, Jaradat’s iPhone was hacked several times in the preceding months and as far back as February 2021 […]
Jaradat is one of several Jordanians, including human rights defenders, lawyers and fellow journalists whose phones were compromised likely by agencies of the Jordanian government, according to Front Line Defenders and Citizen Lab’s findings out Tuesday.
While NSO claims that it only sells Pegasus to legitimate governmental law enforcement agencies, the company has been criticized for selling it to countries with extremely poor human rights records.
Apple last year issued an iOS security fix believed to fix one of the zero-day exploits used by Pegasus, but it’s a constant game of cat-and-mouse as NSO regularly buys more exploits on the blackmarket.
The iPhone maker has tried two other approaches too. First, iOS now proactively looks for signs that iPhones have been compromised by Pegasus, and Apple alerts their owners. Second, Apple applied for an injunction to prevent NSO targeting iPhone users. That case has still not been heard.
Photo: The Average Tech Guy/Unsplash
Author: Ben Lovejoy
Source: 9TO5Google