Security News NSO Group Adds 'MMS Fingerprinting' Zero-Click Attack to Arsenal


Level 26
Thread author
Top Poster
Aug 17, 2017
A researcher at Swedish telecom and cybersecurity firm Enea has unearthed a previously unknown tactic that Israel's NSO Group has made available for use in campaigns to drop its notorious Pegasus mobile spyware tool on mobile devices belonging to targeted individuals worldwide.

The researcher discovered the technique when looking into an entry entitled "MMS Fingerprint" on a contract between an NSO Group reseller and Ghana's telecom regulator.

The contract was part of publicly available court documents associated with a 2019 lawsuit involving WhatsApp and the NSO Group, over the latter's exploitation of a WhatsApp flaw to deploy Pegasus on devices belonging to journalists, human rights activists, lawyers, and others globally.

The contract described MMS Fingerprint as something that an NSO customer could use to obtain details about a target BlackBerry, Android, or iOS device and its operating system version, simply by sending a Multimedia Messaging Service (MMS) message to it.

"No user interaction, engagement, or message opening is required to receive the device fingerprint," the contract noted.


Level 18
Top Poster
May 4, 2019
In the ever-evolving landscape of mobile network security, it’s essential to stay vigilant and informed about the latest threats. However to do so, sometimes we end up looking in places we would not normally look. Today, we delve into a previously unknown mobile network attack known as the “MMS Fingerprint” attack, reportedly used by NSO Group, a well-known actor in the realm of surveillance technologies. How we found this attack – which had essentially been hiding in plain sight – and how this attack might work, takes a bit of explaining.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.