Israeli Spyware Capable Of Mining Data From Almost Any Device And App, Report Finds

With almost everything connected to the internet, there seems to be no end to vulnerabilities waiting to be discovered.

According to the Financial Times, an Israeli spyware called 'Pegasus', from the firm NSO, is thought to be able to gather data from Apple’s devices and cloud storage, as well as from Google Android phones and third-party apps installed on the phone that communicate over “encrypted and secure” connections.

The London paper wrote that NSO Group had "told buyers its technology can surreptitiously scrape all of an individual's data from the servers of Apple, Google, Facebook, Amazon and Microsoft," according to people familiar with the company's sales pitch.

In short, Pegasus is a highly invasive tool that can spy on almost any device, social media network and messaging app.

According to the FT, the program had "evolved to capture the much greater trove of information stored beyond the phone in the cloud, such as a full history of a target's location data, archived messages or photos".

A spokesperson from NSO denied the allegations:

"There is a fundamental misunderstanding of NSO, its services and technology."

"NSO's products do not provide the type of collection capabilities and access to cloud applications, services, or infrastructure as listed and suggested in today's FT article."

But given that NSO "creates technology that helps government agencies prevent and investigate terrorism and crime to save thousands of lives around the globe" and has normally sold such products to law enforcement and intelligence agencies, there are fears that the Pegasus spyware is also used by countries to help enforce authoritarian and dictatorial leadership.

NSO Pegasus

The Pegasus software is supposedly designed to capture and clone the authentication tokens used by internet services.

It does this by essentially constructing a man-in-the-middle attack to pretend to be the target user’s device.

The software then downloads whatever data its users want from the origin server by making requests that seem to be coming from the origin device.

In other words, Pegasus can impersonate targets using their credentials.

The hack can also go undetected, as accessing a target's account this way doesn't require two-factor authentication or trigger a warning email.
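A server-side check a service operator could run against the token replay described above, as an added example that is not from the article, the FT or any vendor: because the copied requests are said to look like the original device, it ignores client-supplied fields and flags a token whose requests alternate between two networks within a short window. The log format, token and network labels, and the 10-minute window are assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample access log: (token id, UTC time, source network, user agent).
SAMPLE_LOG = [
    ("tok-A", "2019-07-20T08:00:00", "AS-HOME", "PhoneApp/5.1"),
    ("tok-A", "2019-07-20T08:04:00", "AS-HOME", "PhoneApp/5.1"),
    ("tok-A", "2019-07-20T08:05:30", "AS-OTHER", "PhoneApp/5.1"),  # same UA, new network
    ("tok-A", "2019-07-20T08:06:00", "AS-HOME", "PhoneApp/5.1"),
    ("tok-B", "2019-07-20T09:00:00", "AS-CAFE", "PhoneApp/5.1"),
    ("tok-B", "2019-07-20T11:30:00", "AS-WORK", "PhoneApp/5.1"),   # ordinary roaming
]


def find_interleaved_tokens(records, window=timedelta(minutes=10)):
    """Flag tokens used from network X, then Y, then X again within `window`.

    A single device that roams moves from X to Y and stays there. An
    X -> Y -> X pattern in a short span suggests two holders of one token.
    The user agent is deliberately ignored: it is client-controlled and a
    copied session would present the same value.
    """
    by_token = {}
    for token, ts, network, _ua in records:
        by_token.setdefault(token, []).append((datetime.fromisoformat(ts), network))

    alerts = {}
    for token, events in by_token.items():
        events.sort()  # chronological order per token
        for prev, cur, nxt in zip(events, events[1:], events[2:]):
            interleaved = cur[1] != prev[1] and nxt[1] == prev[1]
            if interleaved and nxt[0] - prev[0] <= window:
                # Report the request that came from the second network.
                alerts.setdefault(token, []).append((cur[0].isoformat(), cur[1]))
    return alerts


if __name__ == "__main__":
    for token, hits in find_interleaved_tokens(SAMPLE_LOG).items():
        print(token, hits)
```

A hit is a reason to revoke the token and force re-authentication, not proof of compromise; VPN toggling or dual-path connectivity can produce the same pattern.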

In a statement to the Financial Times, Apple did not deny that such a tool could exist, saying that “some expensive tools may exist to perform targeted attacks on a very small number of devices, we do not believe these are useful for widespread attacks against consumers.”

NSO first came under the spotlight back in 2016, when researchers accused it of helping spy on an activist in the United Arab Emirates. NSO was also reported to be behind the publicized WhatsApp hack, which provided a vector to install Pegasus spyware on unsuspecting individuals’ phones.

The Facebook-owned company fixed the issue on its platform earlier in 2019.

Published: 20/07/2019