Israeli Hackers ‘NSO Group’ Busts iPhone Security: Facts About Terrifying Group That Sparked Apple iOS 9.3.5 Patch
A company called NSO Group has been found responsible for providing tools utilized in a hacking attempt on a human rights activist in the United Arab Emirates.Advertisement
However, not much is known about the Israeli company at present. The company is responsible for selling hacking tools to governments and military.
The group also keeps changing its name in order to maintain a lower profile.
NSO Group busted iPhone security: Communication data can be pilfered by attackers
According to Motherboard, the contacts of the targeted user’s communication data would be pilfered by the attackers. Called Pegasus, the package was created to invade an iPhone and send contacts and communications of a targeted user to a remote monitor.
“It basically steals all the information on your phone, it intercepts every call, it intercepts every text message, it steals all the emails, the contacts, the FaceTime calls,” Mike Murray, Lookout’s Vice President of Research, said.
As reported by Business Insider, Lookout Security and Citizen Lab’s Bill Marczak and John Scott-Railton brought to light a massive security flaw in the iOS that would give the attacker full control of an iPhone using merely a text message. The iOS 9.3.5 patch has been created to prevent the attack.
However, Lockout said the majority number of iPhone users should not be affected because of the “targeted nature” of the hack.
NSO Group busted iPhone security: More threats other than stealing of data
“Dissidents, activists — these are kind of the people on the front-lines of what is to come for all of us tomorrow, these guys are sort of the canaries in the coal mine,” Marczak said. “The threats that they are facing today are threats that perhaps ordinary users will face tomorrow.”
Some of the other threats, other than stealing of data, include updating GPS information and sending it to the command and control server, loading the iOS Keychain and dumping all of the victim’s data, taking the details of any and all wireless networks the particular phone has been connected to, and intercepting phone calls and WhatsApp messages.