Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Iphone Privacy Security

Dozens of Journalists' iPhones Hacked With NSO 'Zero-Click' Spyware, Says Citizen Lab (techcrunch.com) 45

Citizen Lab researchers say they have found evidence that dozens of journalists had their iPhones silently compromised with spyware known to be used by nation states. From a report: For more than the past year, London-based reporter Rania Dridi and at least 36 journalists, producers and executives working for the Al Jazeera news agency were targeted with a so-called "zero-click" attack that exploited a now-fixed vulnerability in Apple's iMessage. The attack invisibly compromised the devices without having to trick the victims into opening a malicious link. Citizen Lab, the internet watchdog at the University of Toronto, was asked to investigate earlier this year after one of the victims, Al Jazeera investigative journalist Tamer Almisshal, suspected that his phone may have been hacked. In a technical report out Sunday and shared with TechCrunch, the researchers say they believe the journalists' iPhones were infected with the Pegasus spyware, developed by Israel-based NSO Group. The researchers analyzed Almisshal's iPhone and found it had between July and August connected to servers known to be used by NSO for delivering the Pegasus spyware. The device revealed a burst of network activity that suggests that the spyware may have been delivered silently over iMessage. Logs from the phone show that the spyware was likely able to secretly record the microphone and phone calls, take photos using the phone's camera, access the victim's passwords, and track the phone's location.
This discussion has been archived. No new comments can be posted.

Dozens of Journalists' iPhones Hacked With NSO 'Zero-Click' Spyware, Says Citizen Lab

Comments Filter:
  • Why can't these companies be sued out of existence?
    If someone messes around with your stuff they should be sued.
    • by Scutter ( 18425 )

      Why can't these companies be sued out of existence?

      spyware known to be used by nation states

      I mean, the answer seems pretty obvious.

      • by Anonymous Coward

        You still litigate the company that created(and knowingly sold) the software for the purpose of illegal use.

        Sue, sue, and then sue again, repeatedly, from each person/entity involved.

        You also start trying to pass legislation preventing this kind of software being sold at all.

        Lastly, you start doing some investigative journalism on each of the companies employees. Every fucking one of them.

    • It would also be very difficult for an opposing state agent to claim foul ply while at the same time requiring state mandated backdoors in encryption.

  • Using iSH command line, not installing some one-use app.

  • why do any messaging systems at all still support clickable links? that functionality basically exists now to spread malware

    myself I simply will not click any link in any type of message full stop

    • by NoMoreACs ( 6161580 ) on Monday December 21, 2020 @11:41AM (#60853870)

      why do any messaging systems at all still support clickable links? that functionality basically exists now to spread malware
      myself I simply will not click any link in any type of message full stop

      Read TFS.

      This exploit was serious enough that it required absolutely no action by the User. No one had to click on anything to become infected.

  • Android and iDevices are walled gardens whose walls once breached trap the users.
    Everything with inferior boot options to an enthusiast desktop motherboard is broken by manufacturer choice, but we tolerate crap because it's foisted on us.
    Phones should be able to boot at user discretion from external media via USB and if the device they boot from is externally powered should be able to boot from any of the same typical hardware including non-writable CD/DVD since BIOS and UEFI are long-solved problems.
    Users

  • There are plenty of devices that aren't eligible to install iOS 14, are these going to receive patches for iOS 12?

"The following is not for the weak of heart or Fundamentalists." -- Dave Barry

Working...