"Pegasus takes advantage of this functionality to silently infect the device." "Many apps will automatically create a preview or cache of links in order to improve the user experience," Schless said. Pegasus can be deployed as a "zero-click exploit," meaning that the spyware can install itself without the victim even clicking a booby-trapped link or file, according to Lookout senior manager Hank Schless. Pegasus has evolved to become more effective since it was uncovered by Citizen Lab and cyber security firm Lookout five years ago. NSO did not dispute Pegasus had prompted the urgent software upgrade, and said in a statement that it would "continue to provide intelligence and law enforcement agencies around the world with life saving technologies to fight terror and crime." "Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals," the company said. Hours after releasing the fix, Apple said it had "rapidly" developed the update following Citizen Lab's discovery of the problem. In March, Citizen Lab examined the activist's phone and determined it was hacked with Pegasus spyware introduced via iMessage texting and that it didn't even require the phone's user to so much as click. "We determined that the mercenary spyware company NSO Group used the vulnerability to remotely exploit and infect the latest Apple devices with the Pegasus spyware," Citizen Lab wrote in a post.
0 Comments
Leave a Reply. |