It is currently 18-12-2017 04:18

Pegasus malware exploits three zero-day vulnerabilities in iOS and remotely jailbreaks

Pegasus malware exploits three zero-day vulnerabilities in iOS and remotely jailbreaks

by sigismund » 2016-08-26 10:50:23


Tool for spying developed by the Israeli company NSO Group and used by intelligence agencies.


On the morning of 10 August, 46-year-old human rights activist Ahmed Mansur (Mansoor Ahmed) from the UAE received on your iPhone from an unknown number of suspicious text message: "Secret torture prison of the Emirates, followed by a link. Earlier, Mansur had been the victim of government hackers using tools from FinFisher and Hacking Team, so I decided not to click the link and to forward the message to IB-expert Citizen Lab bill Maraku (Bill Marczak).

According to experts at the Citizen Lab and Lookout, the message was really a phishing Scam and the link sent is not for classified information, and downloaded a sample of advanced malware. The program operates three unknown vulnerability in Apple iOS and gives the hackers full control over the device.

It should be noted that previously such attacks have never been recorded, and the case of the iPhone Mansour is the first. So far the researchers have not encountered spyware that use the three zero-day vulnerabilities in iOS. The cost of the technologies and tools necessary for carrying out the attack (in essence, this remote iPhone), could reach $1 million, the Researchers have notified Apple of the vulnerabilities, and 25 August, the company released the fix.

According to experts, earlier they were not able to deal with malware of this type. As explained by Mike Murray (Mike Murray) from Lookout, developer this is a little-known Israeli company NSO Group, which the analyst called "dealer cyberarmies". The company was founded in 2010 and develops tools for hacking mobile devices is on the order of the government. As stated in the company, their software is invisible, like ghosts."

Developed by the NSO Group malware, the Pegasus is designed for inconspicuous infection iPhone to steal the information on it and intercept transmitted data.

Qoute:"the Malware literally steals all information from your phone: intercepts all calls, text messages, emails, contacts, video calls FaceTime. It also opens a loophole in all communication mechanisms on your phone. He steals information from Gmail, messages, information and contacts in Facebook and in other applications such as Skype, WhatsApp, Viber, WeChat, Telegram etc." - said Murray.
sigismund
moderators
Сообщений: 788
Депозит: 0 BTC

Rating: 5