iPhone 12 and iPhone 13.

According to a security expert who has spent years studying hacks by the Israeli firm NSO, a surveillance company with a turnover of $1 billion, NSO's iPhone spyware has exposed "major" weaknesses in the security of Apple's iMessage.

Reports from Amnesty International and Citizen Lab, following an alleged leak of a list of 50,000 potential targets of NSO's spy tool Pegasus, stated that both had observed a so-called "zero-click" attack exploiting several vulnerabilities in a fully patched iPhone 12 Pro Max running iOS 14.6 in July 2021. This notably included attacks delivered through iMessage.

Citizen Lab researcher Bill Marczak told Forbes that in some cases Apple's iOS automatically processes data in iMessages and their attachments, even when they come from strangers, which can put users at risk.

“This is a recipe for disaster,” he said. "Apple should consider implementing something similar to what Twitter or Facebook has for their DMs, where messages from strangers are somewhat hidden, and filtered in a separate pane by default."

For now, Bill Marczak adds, this is not a problem for the average iPhone user, as the target list obtained by the nonprofit Forbidden Stories focused primarily on people at high risk of government surveillance, from journalists such as Financial Times editor-in-chief Roula Khalaf to relatives of the murdered journalist Jamal Khashoggi. Heads of state are also said to be on the list of potential targets. NSO has come under scrutiny several times over the past five years after its tools were seen targeting Mexican lawyers, Saudi activists and journalists around the world, though the company maintains that its software is used to help governments catch criminals such as terrorists and pedophiles.

“But if Apple doesn't nip this problem in the bud, these kinds of zero-click iMessage attacks will inevitably proliferate among less sophisticated hackers, such as cybercriminals,” Marczak warned. He had previously posted on Twitter that an Apple security mechanism called BlastDoor, designed to isolate iMessage content in case it contains malicious links or code, did not protect users from these exploits. He noted that some of the exploits used ImageIO and its JPEG and GIF image parsing code. “Over a dozen high-severity bugs were reported against ImageIO in 2021,” he tweeted.

Apple, however, maintains that its technology protects users well against message-based attacks. For example, the company said that if a link to a website is sent to a user through iMessage, the recipient's device does not fetch the web page to generate a preview; it only accepts a static preview image supplied by the sender. BlastDoor treats such content as untrusted, and any code from such sites that does get launched should run only in a separate, sandboxed part of the operating system. This is intended to block any attack initiated by a link to a website.

“Apple unequivocally condemns cyber attacks against journalists, human rights activists and others who seek to make the world a better place. For more than a decade, Apple has been at the forefront of innovation in security, and as a result security researchers agree that the iPhone is the safest and most secure consumer mobile device on the market,” said a spokesperson for the Cupertino tech giant.

“Attacks like the ones described are very sophisticated, cost millions of dollars to develop, often have a short lifespan, and are used to target specific individuals. While this means that they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all of our customers, and we are constantly adding new protections for their devices and data."

The next iteration of Apple's operating system is expected to include further protections designed to counter sophisticated exploits, the spokesperson added, without giving further details.

NSO, meanwhile, said reports of a leak of 50,000 targets of its spyware were "false", telling the Guardian that they were based on "unsubstantiated theories that raise serious doubts about the reliability of your sources, as well as the basis of your story". Some publications, including the Washington Post and The Guardian, have noted that the presence of a person's number on the list of potentially targeted phones does not mean that their phone was actually infected with Pegasus spyware.

The company has denied that its tools were used to target members of Jamal Khashoggi's family, after reports suggested that his former wife, Hanan Elatr, and his fiancée, Hatice Cengiz, were targeted both before and after his death. (Jamal Khashoggi is reported to have been in a relationship with both women at the time of his death.) “As NSO has previously stated, our technology was in no way associated with the heinous murder of Jamal Khashoggi. We can confirm that our technology has not been used to eavesdrop on, monitor, track or collect information about him or his family members mentioned in your request. We have already investigated this allegation, which, once again, is made without validation.” (Forbes)
