Explosive iOS spy report shows Android security limitations

Amnesty International finds the incompatibility tool used by the NSO Group worrisome.

The shadowy world of private spyware has long sounded the alarm in cybersecurity circles, with authoritarian governments repeatedly targeting the smartphones of activists, journalists and political rivals with malware purchased from reckless brokers. Corporate monitoring tools often target iOS and Android, which seem unable to counter the threat. But a new report shows that the scale of the problem is much greater than expected, and security researchers seeking a cure have put pressure on mobile tech makers, especially Apple.

This week, an international group of researchers and journalists from Amnesty International, Forbidden Stories and more than a dozen other organizations published forensic evidence that a number of the world's governments, including Hungary, India, Mexico, Morocco, Saudi Arabia and the United Arab Emirates, may be agents of the well-known Israeli espionage company NSO Group. The researchers revealed a list of 50,000 phone numbers linked to activists, journalists, executives and politicians, all of whom were potential targets for surveillance. They also specifically looked at 37 devices that were infected or targeted by the NSO Pegasus offensive spyware. They even created a tool to check if your iPhone has been compromised.

On Tuesday, NSO Group called the investigation "allegations." "This is not a list of Pegasus targets or potential targets," an NSO spokesperson said. "The numbers on the list are not NSO targets at all." They are wrong. On Wednesday, NSO said it would no longer answer media questions.

NSO Group is not the only spyware vendor, but it has the highest specs. WhatsApp sued the company in 2019. Apple's BlastDoor feature, which was introduced in iOS 14 earlier this year, was an attempt to stop "zero-click" violations, attacks that require no action from victims. This protection doesn't seem to be working as intended; the company released an iOS patch on Tuesday to address the latest round of NSO hacking. Contrary to the report, many security researchers say both Apple and Google can and should do more to protect their users from these sophisticated monitoring tools.

“This certainly illustrates the overarching challenges with mobile security and search capabilities. I also believe that seeing zero-click NSO contamination of Android and iOS shows that attackers can continue to incentivize them despite Apple’s control over their products and ecosystem.”

Tensions have long been a source of debate between Apple and the security community over researchers' limited ability to conduct forensic research on iOS devices and deploy monitoring tools. Access to the operating system is likely to contribute to catching more attacks in real time, allowing researchers to gain a deeper understanding of how these attacks were built in the first place. Currently, security researchers rely on a small set of pointers in iOS, in addition to accidental jailbreaking. And while Android is more open in design, it also sees limitations on “watching.” Some researchers say that effective defense against spyware like Pegasus requires access to read the device’s file system, the ability to monitor running processes, access to system logs, and other telemetry operations.

A lot of criticism has been leveled at Apple because of this, as the company has historically introduced more security protections than the fragmented Android ecosystem. Juan Andres Guerrero-Saade, one of the leading threat researchers, says, "The truth is that we're exactly keeping Apple at a higher level, because they do much better." Android is free for everyone. I don't think anyone expects Android security to improve to the point where we all have to worry about targeted attacks without any abuse.

In fact, Amnesty International researchers say they have found it easier to find a compromise on Apple devices being targeted by Pegasus malware than on those using stock Android.

"In the Amnesty International experiment, there is far more forensic evidence available to researchers on iOS devices than on stock Android devices, so our approach focuses on earlier devices," the group wrote in a long technical analysis of their Pegasus findings. "As a result, the most recent cases of confirmed infections by Pegasus have involved iPhones."

Matthew Green, a programmer at Johns Hopkins University, said some of the focus on Apple is also from the company's focus on privacy and security in the design and marketing of its products. He tries, but the problem is that they aren't doing their best as they should.

However, the more open Google faces similar criticism over the access that security researchers have to its mobile operating system. Zuk Avraham, CEO of ZecOps Analytics Group and a longtime advocate for mobile data access, said: "Android and iOS both have different types of reporting. It is very difficult to compare them. One has an advantage, but both are insufficient and enable actors to hide the threat."

Both Apple and Google are reluctant to explore further digital sausage forensics. And while most independent security researchers support this shift, some acknowledge that increased access to the remote tracking system also helps bad actors.

"While we understand that continuous reporting is more useful for forensic uses such as cases," a Google spokesperson told WIRED. "What the Amnesty International researchers have described will also be useful to attackers. We are constantly balancing these different needs."

"Apple unequivocally condemns cyber attacks against journalists, human rights activists, and others who want to make the world a better place," said Ivan Krstić, president of Apple Security and Architecture Engineering, in a statement. The industry is into security innovation, and as a result, security researchers agree that the iPhone is the safest and most consumer of the yellow device on the market. Attacks like the ones described are very complex. They cost millions of dollars to develop, often short-lived and used to target specific people, although this does not mean that they pose a threat to the vast majority of our users, but we stand up for all of our customers. We will continue to work tirelessly and constantly add new protections to devices and their data.

The trick is to strike the right balance between providing more system pointers and not making it too much easier for attackers. "There is a lot of work Apple can do in a very secure way to allow showing and photographing iOS devices for this kind of annoying behavior, but it doesn't seem to be a priority," says iOS security researcher Will Strafach. "I'm sure they have a fair political reason for that, but that's something I don't agree with and I'd like to see a change in that thinking."

Thomas Reed, director of Mac OS and mobile operating systems at Malwarebytes Antivirus, says he agrees that more knowledge of iOS will benefit the user's defense. But, he adds, allowing private, trusted monitoring software comes with real risks. He pointed out that there are currently suspicious and potentially unwanted programs in macOS that antivirus software can't completely remove because the operating system gives them this particular kind of trust in the system, which is probably wrong. The same problem with rogue system analyzers will almost inevitably be present in iOS.

"We also always see national government malware on desktop systems that goes undetected several years after deployment," Reed adds. "And that's on systems where different security solutions are currently available. Many eyes are looking for this malware better than a few. I'm just worried about what to look for in this feature. We have to make a deal."

Project Pegasus, as a consortium of researchers calling for new findings, underscores the fact that it is unlikely that Apple and Google will be able to tackle the threats posed by private spyware vendors. The scale and extent of Pegasus' potential targets suggests that a global ban on private espionage may be necessary.

"Stopping hackers is at least one valid answer - only three," Edward Snowden, a whistleblower for the NSA, tweeted Tuesday in response to Project Pegasus' findings. "Everything is less and the problem is getting worse."

On Monday, Amazon Web Services took the step of shutting down its NSO-connected cloud infrastructure.

No matter what happens to the NSO Group in particular, or to the private surveillance market in general, user devices are still the ultimate target of covert targeted attacks from any source. Even if Google and Apple are not expected to solve this problem themselves, they need to work in a better way.

This story originally appeared on
