NEWS
Israeli Security Firm Claims Spyware Tool Can Harvest iCloud Data in Targeted iPhone Attack
3502
2019-07-22
Posted by 3uTools

An Israeli security firm claims it has developed a smartphone surveillance tool that can harvest not only a user's local data but also all their device's communications with cloud-based services provided by the likes of Apple, Google, Amazon, and Microsoft. 

Israeli Security Firm Claims Spyware Tool Can Harvest iCloud Data in Targeted iPhone Attack
According to a report from the Financial Times [paywalled], the latest Pegasus spyware sold by NSO Group is being marketed to potential clients as a way to target data uploaded to the cloud. The tool is said to work on many of the latest iPhones and Android smartphones, and can continue to harvest data even after the tool is removed from the original mobile device. 


The new technique is said to copy the authentication keys of services such as Google Drive, Facebook Messenger and iCloud, among others, from an infected phone, allowing a separate server to then impersonate the phone, including its location. 


This grants open-ended access to the cloud data of those apps without "prompting 2-step verification or warning email on target device", according to one sales document.


Attackers using the malware are said to be able to access a wealth of private information, including the full history of a target's location data and archived messages or photos, according to people who shared documents with the Financial Times and described a recent product demonstration. 

When questioned by the newspaper, NSO denied promoting hacking or mass-surveillance tools for cloud services, but didn't specifically deny that it had developed the capability described in the documents. 

In response to the report, Apple told FT that its operating system was "the safest and most secure computing platform in the world. While some expensive tools may exist to perform targeted attacks on a very small number of devices, we do not believe these are useful for widespread attacks against consumers." The company added that it regularly updates its operating system and security settings. 

The news raises concerns that such spyware could be used by repressive regimes and other shady attackers to monitor members of the public. In May, for example, WhatsApp disclosed a vulnerability that allowed hackers to remotely exploit a bug in the app's audio call system to access sensitive information on an iPhone or Android device. 

Security researchers said that the spyware that took advantage of the WhatsApp flaw featured characteristics of the Pegasus spyware from NSO Group, which maintains that its software, costing millions of dollars, is only sold to responsible governments to help prevent terrorist attacks and criminal investigations. 

However, the WhatsApp flaw was used to target a London lawyer who has been involved in lawsuits against the NSO Group, and security researchers believe others could have been targeted as well. 


Source: Macrumors

Related Articles
iPhone 7 Was Breached at Annual Mobile Pwn2Own Contest Apple Employee Threatens to Leak User’s iCloud Data Stolen Apple Account Credentials Can be Acquired From 'Dark Web' Markets for Just $15 Chinese Team Won the “Master of Pwn”on Pwn2Own Hacker Competition iPhone X Jailbreak Demoed on iOS 11.1.1, But Release Uncertain [Video] iOS 11.3 Jailbreak Speculations Spark off After Security Researcher Reveals Zero-Day and Kernel Bug Apple Releases iOS 11.2.2 Security Update with Spectre Mitigations for Safari EFF Calls Apple’s Bluetooth and Wi-Fi Control Center Toggles Bad User Security