![]() These are extremely expensive - as an example, Zerodium, an exploit brokerage firm pays up to $2.5 million for an Android zero-click infection chain with persistence:įrom the start, this draws an important conclusion - nation state sponsored cyberespionage is a vastly resourceful endeavor. Similarly, other APT mobile malware may be deployed through zero-click 0-day exploits. The cost of a full deployment may easily reach millions of USD. How to stay safe from Pegasus and other advanced mobile spywareįirst of all, we should start by saying that Pegasus is a toolkit sold to nation states at relatively high prices. Additionally, as attackers change their modus operandi, protection techniques should also be adapted. We are trying to address this in the current article, with the observation that no list of defence techniques can ever be exhaustive. Over the past few months I have received a lot of questions from concerned users worldwide on how to protect their mobile devices from Pegasus and other similar tools and malware. Apple announced, in November, that it was taking legal action against NSO Group for developing software that targets its users with “malicious malware and spyware.” Last but not least, in December, Reuters published that US State Department phones were hacked with the NSO Pegasus malware, as alerted by Apple. In October, India’s Supreme Court commissioned a technical committee to investigate the use of Pegasus to spy on its citizens. Later in July, representatives from the Israeli government visited the offices of NSO as part of an investigation into the claims. The list of targeted individuals includes 14 world leaders and many other activists, human rights advocates, dissidents and opposition figures. The report, called the Pegasus Project, alleged that the malware was deployed widely through a variety of exploits, including several iOS zero-click zero-days.īased on forensic analysis of numerous mobile devices, Amnesty International’s Security Lab found that the software was repeatedly used in an abusive manner for surveillance. Pegasus is a so-called “legal surveillance software” developed by the Israeli company NSO. ![]() Possibly the biggest story of 2021 - an investigation by the Guardian and 16 other media organizations, published in July - suggested that over 30,000 human rights activists, journalists and lawyers across the world may have been targeted using Pegasus.
0 Comments
Leave a Reply. |