Israeli spyware developer NSO exploits unknown vulnerabilities to invade iOS devices without user interaction

The Israeli spyware developer NSO, which was exposed by the media many years ago, is now at the forefront again. The company was found to be attacking politicians and activists in many countries.

NSO is an approved spyware developer located in Israel. Its customers are mainly used by government agencies in some countries in the Middle East to conduct specific activities.

Including attacks on politicians of other countries to obtain intelligence or attacking activists for tracking, the reason for espionage is that NSO has a variety of security vulnerabilities.

Take Apple as an example. The security of iOS devices has always been higher than that of Android devices, but even the latest version of the iOS system NSO can continue to attack.

The investigation found that NSO Group has conducted attacks through unknown security vulnerabilities in Apple iMessage in recent years. This attack process does not require users to click on links.

As long as the group obtains the mobile phone number or Apple account of the target user, it can be fully monitored by sending information with special content to the iOS device.

The Pegasus spy software developed by NSO Group can collect emails, call records, social account information, passwords, contacts, photo albums, and videos of target users. It can even remotely activate the camera or microphone to monitor the user’s conversation and record the video.

To this end, Apple engineers issued a response stating that the company’s equipment and system security is obvious to all. Although there are attacks against specific users, the scope of the attacks is relatively small.

Therefore, the company can guarantee the information security of the vast majority of users, while continuing to invest in security to provide better security protection for all users.

Security researchers said that Apple devices have Apple iMessage enabled by default and accept any content sent by anyone by default.

Even if users can set unknown contact filtering, this does not prevent spyware developers from launching attacks, so this type of information protocol itself is not secure enough.

Apple stated that the company strictly restricts related code from running on Apple devices, and this feature can prevent all kinds of malware from infecting Apple devices in this way.

But in fact, spyware developers can infect Apple devices through special links without even interacting, unless the user completely turns off the iMessage function.

Via: thehackernews