Android and iPhone spyware sold by NSO Group enables state terror attacks in multiple countries, according to a new database released by Amnesty International and partner organizations.
NSO uses zero-day exploits to develop spyware for both iPhones and Android smartphones, allowing users to read text messages and emails, monitor contacts and calls, track locations, collect passwords, and even switch on the smartphone’s microphone to record meetings …
Background
A zero-day vulnerability is a
security flaw that is unknown to the company that makes the hardware or software, and can be used to create
malware, including spyware. The privacy protections in iPhones mean that zero-days discovered in iOS can be worth large sums of money on the black market, with Israel-based NSO Group buying many of them for its Pegasus spyware.
NSO was founded in 2010, with reports on iPhone exploits
dating back many years. The company says that it only sells Pegasus to governments, but critics say that these include countries with records of human rights abuses.
In 2019, it was discovered that Pegasus could
silently collect all iCloud data from a target’s phone. Pegasus was also reportedly behind
a text-activated hack of iPhones belonging to
Al Jazeera journalists. As with other NSO attacks, it was a zero-touch exploit that didn’t require the victim to do anything other than receive the text.
Amnesty International last year
tried without success to block exports of the spyware.
9to5mac.com
![[correlate]](/data/avatars/s/79/79653.jpg?1556985072){kind=avatar}
