Pegasus is spyware, developed by the Israeli cyberarms company NSO Group, that can be installed on devices running certain versions of iOS, Apple's mobile operating system. It was discovered in August 2016 after an unsuccessful attempt to install it on an iPhone belonging to a human rights activist; the investigation revealed details about the spyware, its capabilities, and the security vulnerabilities it exploited. Pegasus is able to read text messages, track calls, collect passwords, track phone locations, and collect information from apps. Apple released version 9.3.5 of its iOS software to fix the vulnerabilities. News about the spyware garnered significant media attention. It was called the "most sophisticated" smartphone attack ever, and it was the first time in iPhone history that a remote jailbreak exploit had been detected. The company that created the spyware, NSO Group, stated that they provide "official government with technology that helps them fight terror and crime".
Details about the spyware
Pegasus is the name of the spyware that can be installed on devices running certain versions of iOS, Apple's mobile operating system. After the user clicks on a malicious link, Pegasus secretly jailbreaks the device and can read text messages, track calls, collect passwords, track phone locations, and collect information from apps including (but not limited to) iMessage, Gmail, Viber, Facebook, WhatsApp, Telegram, and Skype.
Patch
Apple released iOS version 9.3.5 for its iPhone smartphone product line in August 2016. The update fixes three important security vulnerabilities exploited by Pegasus.
Spyware discovery
The vulnerabilities were found ten days before the iOS 9.3.5 update was released. Arab human rights advocate Ahmed Mansoor received a text message promising "'secret' about torture in prisons in the United Arab Emirates", along with a link. Mansoor sent the link to Citizen Lab. An investigation followed in collaboration with the security firm Lookout, which revealed that if Mansoor had followed the link, it would have jailbroken his phone on the spot and embedded the spyware in it. Citizen Lab linked the attack to a private Israeli spyware company known as the NSO Group, which sells Pegasus to governments for "legitimate interception", but there is a suspicion that it is applied for other purposes. The NSO Group is owned by an American private equity firm, Francisco Partners.
Regarding how widespread the issue is, Lookout explained in a blog post: "We believe that this spyware has been in the wild for significant time based on some indicators in the code", and noted that the code shows signs of "a kernel mapping table that has a value all the way back to iOS 7".
Vulnerability
Lookout provided details of the three vulnerabilities:
- CVE-2016-4655: Information leak in the kernel - A kernel base mapping vulnerability that leaks information to an attacker, allowing them to calculate the kernel's location in memory.
- CVE-2016-4656: Kernel memory corruption leading to jailbreak - 32- and 64-bit iOS kernel-level vulnerabilities that allow an attacker to secretly jailbreak the device and install surveillance software.
- CVE-2016-4657: Memory corruption in WebKit - A vulnerability in Safari WebKit that allows an attacker to compromise the device when the user clicks on a link.
Reactions
News
News about the spyware gained significant media attention, especially because it was called the "most sophisticated" smartphone attack ever and because it was the first time in iPhone history that a remote jailbreak exploit had been detected.
NSO Group Comments
Dan Tynan of The Guardian wrote an article featuring comments from the NSO Group, in which they stated that they provided "government authorities with technology that helped them fight terror and crime", although the Group told him they had no knowledge of any incidents.
Bug-bounty program skepticism
In the aftermath of the news, critics asserted that Apple's bug-bounty program, which rewards people for finding flaws in its software, may not offer large enough rewards to prevent exploits from being sold on the black market rather than being reported back to Apple. Russell Brandom of The Verge commented that Apple's bug-bounty program, which rewards those who manage to find errors in its software, maxes out at payments of $200,000, "only a fraction of the millions are regularly spent for iOS exploits on the black market". He goes on to ask why Apple is not "spending way out of security vulnerabilities?", but also writes that "as soon as [Pegasus] vulnerabilities are reported, Apple patches them - but there are many other bugs left. At spyware companies see the purchase of exploits as a one-time payment for years of access, Apple's gifts must be paid whenever new vulnerabilities arise." Brandom also writes: "The same researchers who participated in Apple bug prizes could make more money selling the same finds to exploit brokers." He concluded the article by writing: "It's hard to say how much damage might happen if Mansoor has clicked on spyware links... The hope is, when the next researcher finds the next bug, the thought is more important than money."
See also
- iOS 9
Source of the article: Wikipedia