Special offer
Home > Blogs > Robert Siciliano > Identity Theft Expert Speaker
bookmark_border

Oh No, iOS Hacked by NSO

By
Services for Real Estate Pros with IDTheftSecurity.com Inc

Recently, says a report at wired.com, it’s been unveiled that the obscure Israel-based NSO Group has been selling spyware delivered to smartphones through vulnerabilities in Apple’s iOS operating system.

“Pegasus” spyware can put a surveillance out on nearly everything including keystrokes, e-mails, video feeds and phone calls. Apple says that the three vulnerabilities with this spyware (“Trident”) have been patched.

In short, NSO Group’s spyware has been reverse engineered for the first time—achieved by the security research firm Lookout, which discovered Pegasus. Also getting credit for the discovery is Citizen Lab.

  • Ahmed Mansoor, a well-known human rights activist with a history of being targeted by surveillance spyware, sent the security firms the suspicious SMS text messages he had received.
  • Mansoor’s mobile device was running iOS’s latest version when two phishing texts came in with links. He had refused to click them.
  • Instead he sent screenshots to Citizen Lab. The links led to a blank Safari browser page. The analysis then began.
  • The spyware was intended to jailbreak the phone.

Jailbreaking an iPhone means the user can bypass Apple’s plan and customize the experience. However, in the Pegasus case, remote hackers wanted this control.

Citizen Lab and Lookout took their analysis to Apple, who made the patches within 10 days. The recommendation is to regularly download the latest iOS versions to help protect the device from attacks. The latest iOS version will stop Pegasus. However, it’s possible for NSO to infiltrate other phone operating systems like Android with the spyware, says Citizen Lab and Lookout.

NSO Group has no website, and supposedly, earns $75 million a year, with governments as the typical clients, and may have up to 500 employees. It won’t be any surprise if a new and similar threat follows soon, as the NSO Group is quite advanced, with a solid software development organization.

Robert Siciliano CEO of IDTheftSecurity.com, personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Show All Comments
Kristin Johnston - REALTOR®
RE/MAX Platinum - Waukesha, WI
Giving Back With Each Home Sold!

Well I guess I dont have an i phone on this one!  Always so much to be aware of!

Dec 22, 2016 06:41 AM
Rose Mary Justice
Synergy Realty Pros - Dandridge, TN
Synergy Realty Pros

It is so sad that we always have to be on our toes to protect our personal information.  There is always someone trying to get something for nothing instead of working for a living.   Yahoo had been hacked as well. As a user I am worried, but have taken steps to protect as suggested.   Glad to have this info as well.

Dec 22, 2016 06:43 AM
Joan Cox
House to Home, Inc. - Denver Real Estate - 720-231-6373 - Denver, CO
Denver Real Estate - Selling One Home at a Time

Robert, I agree, there is always a new hacking story we need to be aware of, thanks for sharing! 

Dec 22, 2016 07:00 AM
Grant Schneider
Performance Development Strategies - Armonk, NY
Your Coach Helping You Create Successful Outcomes

Hi Robert - I download all updates immediately.  They have finally targeted iOS. 

Dec 22, 2016 07:20 AM
Kathy Streib
Cypress, TX
Home Stager/Redesign

Hi Robert- ugh..what next!!!  I do have Lookout on my phone, though. 

Dec 29, 2016 05:07 PM
Back to Top

What's the reason you're reporting this blog entry?

Are you sure you want to report this blog entry as spam?