Israeli company NSO Group expanded the functionality of the spy software Pegasus. Now it collects data not only from the device of the victim, but from a “cloud” account.
In jeopardy as the iPhone and iCloud from Apple and Android smartphones, and even third-party applications that exchange data via “encrypted and secure” connections. The new version of Pegasus can find and clone the tokens of authentication used for “cloud” services.
With the help of spyware attackers can carry out the so-called “attack of the mediator” (when the communication channel of objects A and B an object C). Thus Pegasus can impersonate the credentials of a Facebook user and to access the history of user’s location and the messages stored in iCloud.
Apple in the comments of the Financial Times noted that such a tool may exist, but usually it is used for targeted attacks on very small number of devices.
We do not believe that they are useful to commit large-scale attacks on consumers — said in Cupertino.
Earlier News.ru reported that a vulnerability in Bluetooth allows attackers to track the location of users and learn their ID. Its victims can be the users of Windows 10, iOS and macOS.
Read more •••