Tuesday, February 7, 2023
HomeDigit NewsHow the iPhone was jailbroken. Google experts figured out how Pegasus...

How the iPhone was jailbroken. Google experts figured out how Pegasus spyware works


Google Project Zero, a group of security experts looking for software vulnerabilities that could be exploited by hackers, has published its analysis of the ForcedEntry exploit. The ForcedEntry exploit was developed by the Israeli firm NSO Group, which exploited it and a vulnerability in the Apple iMessage platform to deploy its Spyware Pegasus.

The Google Project Zero team used a ForcedEntry sample provided by the University of Toronto Citizen Lab experts who first discovered the exploit. In an in-depth analysis of the exploit, Project Zero stated that ForcedEntry uses a zero-click attack, which means the victim does not need to open a link or grant permission. The hack bypassed Apple iOS’s zero-click security and, using Apple iMessage, hijacked Pegasus spyware devices.

ForcedEntry used the way iMessage accepted and interpreted files like GIFs to trick the platform into opening a malicious PDF file without any user intervention. The exploit exploited a weak spot in an old compression technology designed to create compressed PDF files when scanning a document with a physical scanner. This same technology is still used by computers today.

Download Link

ForcedEntry uses a script that consists of logical commands written directly to a masked PDF file. This allows him to organize and launch the entire attack while hiding in iMessage, making it even more difficult to find. The fact that ForcedEntry uses such a technology makes it unique in that many of these attacks must use a so-called command and control server to send instructions to the malicious program.

Project Zero’s analysis is important not only because it reveals the details of how ForcedEntry works, but also because it shows how impressive and dangerous proprietary software can be.

Senior Fellow at Citizen Lab John Scott-Railton

As a reminder, at the end of November the company Apple sues Israel’s NSO Group and its parent companyto hold them accountable for spying and harassing Apple users. The lawsuit contains new information about how the NSO Group infected the victims’ devices with its Pegasus spyware.

.

MOBILE

Moto E13 coming to India with 1TB storage and Android 13, will be launched on this day

Moto E13 coming to India with 1TB storage and Android 13,...

New Delhi. Motorola is going to launch its new phone in the Indian market on February 8, which is named Motorola. As per the...
- Advertisment -

Auto

Two Wheeler

Digit News

Jobs