News

Just Looking at That Message Could Compromise Your Device

This cute photo could be more than a photo

Important consequences

  • While analyzing the spying scandal uncovered by Citizen Lab, Google security researchers discovered a new attack mechanism known as zero-click exploits.
  • Traditional security tools like antivirus cannot prevent no-click exploits.
  • Apple has dropped one, but researchers fear there will be more no-click exploits in the future.

Screen Message / Unspalsh.com

Following security best practices is considered a prudent course of action to keep devices like laptops and smartphones safe, or that was until researchers discovered a new trick that was virtually undetectable.

While investigating the recently patched Apple bug used to install Pegasus spyware on specific targets, Google’s Project Zero security researchers discovered an innovative new attack mechanism they call the “no-click exploit” that ‘no mobile antivirus can do. foil.

“There is no way to prevent exploits through ‘no-click exploits’ other than not using a device; It’s a defenseless weapon,” Google Project Zero engineers Ian Beer and Samuel Groß wrote in a blog post.

Frankenstein’s Monster

Pegasus spyware is the brainchild of NSO Group, an Israeli technology company that has essentially been added to the US “entity list”, blocking it from the US market.

“It’s not clear what the plausible explanation for privacy on a cellphone is, where we often make very personal calls in public places. “While Pegasus allows people to do this, we certainly don’t expect anyone to tap our phone,” Saryu Nayyar, CEO of cybersecurity firm Gurucul, told Lifewire in an email.

“As end users, we should always be careful when opening messages from unknown or untrusted sources, no matter how compelling the topic or message…”

The Pegasus spyware came into the picture in July 2021 when Amnesty International announced that it was being used to spy on journalists and human rights activists around the world.

This was followed by a statement in August 2021 after Citizen Lab researchers found evidence of surveillance in nine iPhone 12 Pro Bahraini militants via an exploit that bypassed the latest iOS 14 security protections, collectively known as BlastDoor.

In fact, Apple sued the NSO Group, holding it responsible for circumventing iPhone security mechanisms to spy on Apple users via Pegasus spyware.

“State-sponsored actors like the NSO Group are spending millions of dollars on advanced surveillance technologies without effective accountability. Craig Federighi, Apple’s senior vice president of software engineering, said in a press release about the case that this needs to change.

In a two-part article on Google Project Zero, Beer and Groß explained how NSO Group deployed the Pegasus spyware to the targets’ iPhones using the no-click attack mechanism, which they described as both incredible and terrifying.

A no-click exploit is exactly what it sounds like, victims don’t have to click or tap anything to be compromised. Instead, simply viewing an email or message with the malware attached will allow them to be installed on the device.

Close up of messages on smartphone.

Jamie Street / Unsplash.com

Impressive and dangerous

According to researchers, the attack begins with a treacherous message to the iMessage app. To help us decipher the highly sophisticated attack methodology the hackers developed, Lifewire enlisted independent security researcher Devanand Premkumar.

Premkumar explained that iMessage has several built-in mechanisms to handle animated .gif files. One of these methods checks the specific file format using a library called ImageIO. The hackers used a “gif trick” to exploit a weakness called CoreGraphics in the core support library to gain access to the target iPhone.

“As end users, we should always be careful when opening messages from unknown or untrusted sources, regardless of how compelling the topic or message is, as it is used as the primary entry point. to cell phone,” Premkumar said. an email.

Premkumar added that the current attack mechanism is known to only work on iPhones while Apple is taking steps to eliminate the current vulnerability. But while the current attack was contained, the attack mechanism opened Pandora’s box.

Close-up showing multiple email badges on app page on a red iPhone.

Sara Kurfess / Unsplash

“No-click vulnerabilities aren’t going away anytime soon. “There will be more than such no-click exploits tested and deployed against high profile targets for the sensitive and valuable data that can be extracted from the mobile phones of these exploited users,” Premkumar said.

Meanwhile, Apple has decided to provide free technical, threat intelligence, and engineering assistance to Citizen Lab researchers, in addition to litigation against the NSO, and has promised to offer the same assistance to others. organizations doing critical work in the field.

Additionally, the company went to contribute $10 million in addition to any damages resulting from the lawsuit to support organizations involved in defending and researching cybersurveillance abuse.


See more

Just Looking at That Message Could Compromise Your Device

That cute picture might be more than an image

Key Takeaways
Analyzing the spying scandal uncovered by Citizen Lab, Google security researchers have discovered a novel attack mechanism known as a zero-click exploit.
Traditional security tools like antivirus cannot prevent zero-click exploits.
Apple has stopped one, but researchers fear there will be more zero-click exploits in the future.
Screen Post / Unspalsh.com

Following security best practices is considered a prudent course of action for keeping devices like laptops and smartphones safe, or it was until researchers discovered a new trick that is virtually undetectable.

As they dissect the recently patched Apple bug that was used to install the Pegasus spyware on specific targets, security researchers from Google’s Project Zero have discovered an innovative new attack mechanism they’ve dubbed a “zero-click exploit,” that no mobile antivirus can foil. 

“Short of not using a device, there is no way to prevent exploitation by a ‘zero-click exploit;’ it’s a weapon against which there is no defense,” claimed Google Project Zero engineers Ian Beer & Samuel Groß in a blog post.  

Frankenstein’s Monster

The Pegasus spyware is the brainchild of the NSO Group, an Israeli technology firm that has now been added to the US “Entity List,” which essentially blocklists it from the US market.

“It’s not clear what a reasonable explanation of privacy is on a cell phone, where we often make highly personal calls in public places.  But we certainly don’t expect someone to listen in on our phone, though that’s what Pegasus enables people to do,” explained Saryu Nayyar, CEO of cybersecurity company Gurucul, in an email to Lifewire.

“As end-users, we should always be cautious about opening messages from unknown or untrusted sources, no matter how enticing the subject or message be…”

The Pegasus spyware came into the limelight in July 2021, when Amnesty International revealed that it was used to spy on journalists and human rights activists worldwide. 

This was followed by a revelation from researchers at Citizen Lab in August 2021, after they found evidence of surveillance on iPhone 12 Pro’s of nine Bahraini activists through an exploit that evaded the latest security protections in iOS 14 collectively known as BlastDoor.

In fact, Apple has filed a lawsuit against the NSO Group, holding it accountable for circumventing iPhone security mechanisms to surveil Apple users via its Pegasus spyware.

“State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change,” said Craig Federighi, Apple’s senior vice president of Software Engineering, in the press release about the lawsuit.

In the two-part Google Project Zero post, Beer and Groß explained how the NSO Group got the Pegasus spyware onto the iPhones of the targets using the zero-click attack mechanism, which they described as both incredible and terrifying.

A zero-click exploit is exactly what it sounds like—the victims don’t need to click or tap anything to be compromised. Instead, simply viewing an email or message with the offending malware attached allows it to install on the device.

Jamie Street / Unsplash.com
Impressive and Dangerous

According to the researchers, the attack begins through a nefarious message on the iMessage app. To help us break down the rather complex attack methodology devised by the hackers, Lifewire enlisted the help of independent security researcher Devanand Premkumar.

Premkumar explained that iMessage has several in-built mechanisms to handle animated .gif files. One of these methods checks the specific file format using a library named ImageIO. The hackers used a ‘gif trick’ to exploit a weakness in the underlying support library, called CoreGraphics, to gain access to the target iPhone. 

“As end-users, we should always be cautious about opening messages from unknown or untrusted sources, no matter how enticing the subject or message be, as that is being used as the primary entry point into the mobile phone,” Premkumar advised Lifewire in an email.  

Premkumar added that the current attack mechanism is only known to work on iPhones as he ran through the steps Apple has taken to defang the current vulnerability. But while the current attack has been curtailed, the attack mechanism has opened Pandora’s box.

Sara Kurfeß / Unsplash

“Zero-click exploits are not going to die anytime soon. There will be more and more of such zero-click exploits tested and deployed against high profile targets for the sensitive and valuable data which can be extracted from such exploited users’ mobile phones,” said Premkumar. 

Meanwhile, in addition to the lawsuit against NSO, Apple has decided to provide technical, threat intelligence, and engineering assistance to the Citizen Lab researchers pro-bono and has promised to offer the same assistance to other organizations doing critical work in this space. 

Additionally, the company has gone to the extent of contributing $10 million, as well as all the damages awarded from the lawsuit to support organizations involved in the advocacy and research of cyber-surveillance abuses.

#Message #Compromise #Device

Just Looking at That Message Could Compromise Your Device

That cute picture might be more than an image

Key Takeaways
Analyzing the spying scandal uncovered by Citizen Lab, Google security researchers have discovered a novel attack mechanism known as a zero-click exploit.
Traditional security tools like antivirus cannot prevent zero-click exploits.
Apple has stopped one, but researchers fear there will be more zero-click exploits in the future.
Screen Post / Unspalsh.com

Following security best practices is considered a prudent course of action for keeping devices like laptops and smartphones safe, or it was until researchers discovered a new trick that is virtually undetectable.

As they dissect the recently patched Apple bug that was used to install the Pegasus spyware on specific targets, security researchers from Google’s Project Zero have discovered an innovative new attack mechanism they’ve dubbed a “zero-click exploit,” that no mobile antivirus can foil. 

“Short of not using a device, there is no way to prevent exploitation by a ‘zero-click exploit;’ it’s a weapon against which there is no defense,” claimed Google Project Zero engineers Ian Beer & Samuel Groß in a blog post.  

Frankenstein’s Monster

The Pegasus spyware is the brainchild of the NSO Group, an Israeli technology firm that has now been added to the US “Entity List,” which essentially blocklists it from the US market.

“It’s not clear what a reasonable explanation of privacy is on a cell phone, where we often make highly personal calls in public places.  But we certainly don’t expect someone to listen in on our phone, though that’s what Pegasus enables people to do,” explained Saryu Nayyar, CEO of cybersecurity company Gurucul, in an email to Lifewire.

“As end-users, we should always be cautious about opening messages from unknown or untrusted sources, no matter how enticing the subject or message be…”

The Pegasus spyware came into the limelight in July 2021, when Amnesty International revealed that it was used to spy on journalists and human rights activists worldwide. 

This was followed by a revelation from researchers at Citizen Lab in August 2021, after they found evidence of surveillance on iPhone 12 Pro’s of nine Bahraini activists through an exploit that evaded the latest security protections in iOS 14 collectively known as BlastDoor.

In fact, Apple has filed a lawsuit against the NSO Group, holding it accountable for circumventing iPhone security mechanisms to surveil Apple users via its Pegasus spyware.

“State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. That needs to change,” said Craig Federighi, Apple’s senior vice president of Software Engineering, in the press release about the lawsuit.

In the two-part Google Project Zero post, Beer and Groß explained how the NSO Group got the Pegasus spyware onto the iPhones of the targets using the zero-click attack mechanism, which they described as both incredible and terrifying.

A zero-click exploit is exactly what it sounds like—the victims don’t need to click or tap anything to be compromised. Instead, simply viewing an email or message with the offending malware attached allows it to install on the device.

Jamie Street / Unsplash.com
Impressive and Dangerous

According to the researchers, the attack begins through a nefarious message on the iMessage app. To help us break down the rather complex attack methodology devised by the hackers, Lifewire enlisted the help of independent security researcher Devanand Premkumar.

Premkumar explained that iMessage has several in-built mechanisms to handle animated .gif files. One of these methods checks the specific file format using a library named ImageIO. The hackers used a ‘gif trick’ to exploit a weakness in the underlying support library, called CoreGraphics, to gain access to the target iPhone. 

“As end-users, we should always be cautious about opening messages from unknown or untrusted sources, no matter how enticing the subject or message be, as that is being used as the primary entry point into the mobile phone,” Premkumar advised Lifewire in an email.  

Premkumar added that the current attack mechanism is only known to work on iPhones as he ran through the steps Apple has taken to defang the current vulnerability. But while the current attack has been curtailed, the attack mechanism has opened Pandora’s box.

Sara Kurfeß / Unsplash

“Zero-click exploits are not going to die anytime soon. There will be more and more of such zero-click exploits tested and deployed against high profile targets for the sensitive and valuable data which can be extracted from such exploited users’ mobile phones,” said Premkumar. 

Meanwhile, in addition to the lawsuit against NSO, Apple has decided to provide technical, threat intelligence, and engineering assistance to the Citizen Lab researchers pro-bono and has promised to offer the same assistance to other organizations doing critical work in this space. 

Additionally, the company has gone to the extent of contributing $10 million, as well as all the damages awarded from the lawsuit to support organizations involved in the advocacy and research of cyber-surveillance abuses.

#Message #Compromise #Device


Synthetic: Ôn Thi HSG

Trả lời

Email của bạn sẽ không được hiển thị công khai. Các trường bắt buộc được đánh dấu *

Back to top button