Friday, August 26, 2016

Pegasus spying software shows that the iPhone is never 100% safe – iculture

The Apple community was rocked this week by news of dangerous malware named Pegasus. What exactly is Pegasus, and how much danger are you in? You can read that in this article. It is good to know that Apple has solved the problem for anyone with a recent iPhone or iPad: the vulnerability is closed in iOS 9.3.5, iOS 10 beta 7 and iOS 10 public beta 6.


What is Pegasus

Pegasus is the name of spying software sold by the NSO Group in Israel. The software is used by governments to spy on activists, journalists and other targets. For example, it is said to have been used to spy on Rafael Cabrera, a Mexican journalist who revealed abuses by a powerful Mexican family. NSO sells the software to governments for millions. The software sends messages that mimic the Red Cross, Facebook, Federal Express, CNN, Al Jazeera, Google and other bona fide organizations.

The chance that you, as an ordinary citizen, are being spied on is not that great, unless you are an investigative journalist, dissident or human rights activist, work for an organization such as Bits of Freedom, or lead a double life as a spy. If you are an average citizen, you still need to protect your private information with things like two-step authentication and encryption of your messages, but the chance that you are a Pegasus target is quite small.

These devices are protected against Pegasus
If you have an iPhone 4s or later, it is advisable to install iOS 9.3.5. If you are a tester, iOS 10 beta 7 and iOS 10 public beta 6 also offer protection against Pegasus. Unfortunately, you do have a problem if you have an iPhone 4 or older, an iPad 1, or an iPod touch 4G or older, because Apple has not provided a security fix for those. These devices remain stuck on iOS 7.1.2 and sometimes much older versions.

This is the current situation for older devices:

  • iPad 1: iOS 5.1.1 (published in 2012)
  • iPhone 4: iOS 7.1.2 (published in 2014)
  • iPhone 3Gs and iPod touch 4G: iOS 6.1.6 (published in 2014)
  • iPod touch 3G: iOS 5.1.1 (published in 2012)
  • iPhone 3 and iPod touch 2G: iOS 4.2.1 (published in November 2010)
  • iPhone 1: iOS 3.1.3 (published in 2010)
  • iPod touch 1G: iOS 1.1.5 (published in 2008)

For all devices mentioned above there is therefore no protection against the Pegasus malware. You should therefore no longer use these devices for privacy-sensitive activities.

This is what is going on
Human rights activist Ahmed Mansoor, who lives in the United Arab Emirates (UAE), received a text message on his iPhone. It promised 'new secrets' about the torture of prisoners in the UAE if he clicked on a link. The link appeared to point to a web page of the Red Cross. Mansoor decided not to click, but sent the message to the Citizen Lab, a research institution. They recognized the message as malware from NSO Group, an Israeli company that sells spy software to governments. NSO Group is now owned by the American venture investor Francisco Partners Management.

Citizen Lab investigated further in collaboration with security company Lookout Security. In doing so, they discovered that Pegasus uses no fewer than three zero-day exploits. These are newly discovered vulnerabilities that have not yet been fixed. Had Mansoor clicked on the link, his iPhone would have been jailbroken within a few seconds without his consent. Mansoor's iPhone 6 would also have been turned into a spy phone: he would have been monitored through the camera and microphone, and all his activities, including phone calls and WhatsApp conversations, would have been recorded. Even the use of encrypted messaging apps like Telegram and Signal is not safe enough on a phone compromised this way.



Is your iPhone more secure?

The situation shows that your iPhone is not as safe as people sometimes think, even though Apple is committed to protecting your data with encryption and privacy promises. The three vulnerabilities that Pegasus uses were unknown to Apple until recently and have probably been abused for years to spy on “critical elements” in society. Companies such as NSO are said to use them quietly. NSO claims that everything they do is legal and that they operate within current legislation. Governments that buy the software promise that they will use it legally, but obviously NSO cannot check that any further (and it is questionable whether they would want to).

NSO has customers all over the world, including in Western countries such as Mexico. Moreover, NSO is not the only company offering such software. The FBI and the Dutch police are clients of Cellebrite, also an Israeli company, which hacks iPhones for a fee. In addition, there are all kinds of hacker groups in the gray economy that make money by exploiting hacks. The FBI called in such an ‘anonymous’ hacker group to gain access to the iPhone of a terrorist from San Bernardino.




Apple may have created a rewards program for hackers with which you can earn well, but there is still a lot more to earn by selling an exploit to ‘cyberwar’ companies such as NSO and Cellebrite.



These are the Trident exploits used by Pegasus

Lookout's analysis reveals that three zero-day exploits are used, making it possible to jailbreak an iPhone with one click. That is reminiscent of the early days of the iPhone, when you needed to jailbreak the iPhone to unlock the device. Back then, you only had to click on a link to perform the jailbreak. Nowadays jailbreaking has become a little more complicated, but the method NSO has found works in somewhat the same way: an unsuspecting victim clicks on a link in a message, and the jailbreak is performed.

Lookout explains the three zero-day exploits that are used and collectively calls them Trident (to keep the nuances intact, the original English text follows below):

  • CVE-2016-4655: Information leak in kernel – A kernel base mapping vulnerability that leaks information to the attacker, allowing him to calculate the kernel’s location in memory.
  • CVE-2016-4656: Kernel memory corruption leads to jailbreak – 32 and 64 bit iOS kernel-level vulnerabilities that allow the attacker to silently jailbreak the device and install surveillance software.
  • CVE-2016-4657: Memory corruption in WebKit – A vulnerability in the Safari WebKit that allows the attacker to compromise the device when the user clicks on a link.

Can Apple avoid this in the future?

Apple is working hard to ensure that this does not happen again, because it damages the company's reputation. After all, Apple promised that your privacy is always safe, and comments from the FBI, NSA and other intelligence services gave you the impression that it is almost impossible to break into an iPhone. That now appears to be a lie: with NSO software it was possible for many years to monitor users. The problem is that Apple has to deal with thousands of lines of code, into which a few bugs can always creep. It is impossible to catch all vulnerabilities before hackers find them. Apple has already called hackers the greatest threat to users’ privacy.




Apple could do several things to prevent such situations: respond quickly when a zero-day exploit is discovered, work better with external security experts and work continuously on product security. How they approach this can be seen, among other places, in the presentation Apple gave this year at Black Hat, the well-known security conference. But it will always be a cat-and-mouse game. The only reassurance is that your name is probably not Ahmed Mansoor, that you do not live in a country where dissidents are simply arrested, and that your doings are probably not interesting enough to follow every day.




Apple’s only response so far:

We advise all our customers to always install the latest version of iOS to protect themselves against potential security exploits.
