By now, we’ve all heard of Pegasus and the NSO Group. Thanks to this Israeli company, activists, political dissidents, journalists and other personalities around the world have seen their personal information, communications and espionage activities remotely. A whole scandal that even led Apple to denounce the company. AND It all started with a single imagealso fake, on a Saudi activist’s iPhone.
“You can’t create a backdoor just for the good guys”
We have known Pegasus for a long time, a software that, like traditional software, has evolved to add more features and capabilities. The real attention, however, has been given to him over the past few months, when, as we said, following the discovery of the widespread use of this spy tool in some governments, this led Apple to denounce the NSO group. And this is just one of the actions that the Israeli company is facing, which has also received actions from the US government.
And how was Pegasus discovered? Reuters collects the interesting story of how a single image on an iPhone led to this cascade of events. In February 2021, activist Loujain al-Hathloul was released from prison in Saudi Arabia for advocating for the abolition of the ban on female drivers in the country.
Shortly after his release, Google notified him that a group of government hackers had tried to compromise his Gmail account. Given the scenario and the possibility that his iPhone was compromised, al-Hathloul contacted Citizen Laba privacy rights group based in Canada.
A Gmail review, a hint and a photo were enough to discover Pegasus.
After six months of scouring iPhone logs, CitizenLab researcher Bill Marczak has had a breakthrough. Due to a bug in the Pegasus software, the malware, left a copy of a malicious image after stealing the messages of your target.
With this first clue part of the attack code has been discovered, which gave a direct connection to the NSO Group spy tool. “It was a game-changer,” Marczak said. “We detected something the company thought was undetectable.”
“The discovery amounted to a hacking scheme and prompted Apple to notify thousands more victims of state-backed hacking around the world, according to four people with direct knowledge of the incident.”
“Citizen Lab and al-Hathloul’s discovery formed the basis of Apple’s November 2021 lawsuit against NSO and also reverberated in Washington, where US officials learned that NSO’s cyber weapon was being used to spy on American diplomats.”
Here the words of Tim Cook may come to mind: “You can’t create a backdoor just for the good guys”. Without even backdoors of any kind, these attacks, backed by vulnerabilities yet to be discovered and patched, are highly effective. Their high cost, however, completely distances them from the general public and relegates them to very specific objectives.
And yes, there are tools that allow us to check if our iPhone has been attacked by Pegasus. Even if, as we have just said, it is not an attack of which, a priori, we are going to be the target. An attack, on the other hand, which after the wave of complaints and legal actions may soon be coming to an end.
Imagen | Kevin Ku