For nearly a year, the spyware sold by the Israeli NSO group was allegedly armed with piercing weapons such as, Zero footprint "This means installing those programs without any user intervention and accessing files and data and harnessing them to the hacker," and a weapon The click is zero "This means browsing without any clicks. Just point to the place and it will go to it immediately." And the zero day “This means an attack without waiting, which is the exploitation of weaknesses in the software, and its security flaws.” Indeed, a similar vulnerability was used in iMessage to take over the iPhone. This means that it did not leave any visual trace of placing it on the target's phones, and it can be installed simply by sending a message without the need to click on it, and this vulnerability works even on iPhones that were running the latest version of iOS. What is this company's comment on the allegations? And what was Apple's response?
Researchers at the Citizen Lab at the University of Toronto said they discovered the alleged hacking tool, dubbed "Kismet." And if Kismet can be thought of as a "Trojan" or Trojan horse, it has been used to bypass the security of the iPhone, and the Soldiers on the Horse are another package of software sold by the NSO group, called Pegasus, which is frighteningly powerful, according to allegations. Citizen Lab.
The researchers said, "We believe, at least, that this version of the Pegasus spy program has the ability to track the location and access the passwords and credentials stored on the phone and record audio from the microphone, including what is known as a" hot mic ". Record surrounding sounds without the user’s knowledge, as well as recording the audio of encrypted phone calls and taking pictures via the phone’s camera.
Researchers from Citizen Lab reported that they found 37 examples of the use of these "kismet" hacking software against journalists covering news about the Middle East. In reference to the hacking of the phones of dozens of Al-Jazeera journalists in an unprecedented cyber attack.
The researchers said, "Given the global reach of the NSO Group's customer base, and the apparent weakness of the iPhone's security almost before the iOS 14 update, we suspect that the infections we observed were a small fraction of the total attacks used."
In a statement, an Apple spokesperson said: “At Apple, our teams are working hard to enhance the security of user and device data. IOS 14 is a big leap forward in security and provides new protection against these types of attacks. The attack described in the paper is largely targeted by states against specific individuals. We always encourage customers to download the latest version of the operating system to protect themselves and their data. ”
Although the first alleged attacks using Kismet were last summer, the Citizen Lab claimed that records from hacked phones refer to the same technology, and that zero-day vulnerabilities have been exploited since October 2019.
Claims by Citizen Labs, which Apple said it could not definitively verify, point to the discovery of the most dangerous hacking attempts targeting iOS users since overcoming a similar widespread campaign in February 2019.
The campaign, which was discovered by Google's engineers and was revealed last August, used a vulnerability in Internet browsers to steal private data such as iMessages, photos and a real-time GPS location. In a public statement, Apple sought to downplay this attack by noting that it "affected fewer than ten websites focused on content related to the Uyghur community." The company made a similar point about Kismet, stating that NSO Group's clients are nation states, and its targets are a limited number of individuals.
Apple sought to make privacy and security major selling points for its devices. The company prides itself on not collecting user data for commercial purposes, and explains that it has been fighting and preventing any malware since the inception of the iPhone, and in 2014, Apple CEO Tim Cook attacked the Android system at a developer conference, describing it as a "toxic hell because of the many vulnerabilities." in it".
But in recent years, the gap between Apple and its competitors has closed. As more security researchers focus on mobile devices, very puzzling vulnerabilities have been discovered.
And earlier this month, another Google researcher named Ian Beer revealed A fierce iOS vulnerability It is a type of "zero-click, zero-day", which allowed him to fully control the iPhone as soon as he was in the range of the device's wifi. This bug was fixed by Apple in iOS 13.5.
NSO Group said its products are intended to tackle "organized crime and counterterrorism" and that any evidence of serious violation of its policies will be investigated. She added, "As we mentioned time and time again, we do not have access to any information regarding the identities of individuals who are being monitored through our system."