Earlier this year, it was reported that companies based in Israel NSO group were involved by the government to target activists, politicians and journalists.
NSO Group is famous for selling hacking solutions for high profile clients.
The company uses pegasus – spyware package – to hack smartphones, including the iPhone.
Because the report revealed the US has banned companies from doing any business with the NSO Group, while Apple has sued the company as well.
Now, Google has detailed on a blog how Pegasus is used to hack the iPhone.
How hacking starts blog posts, Google explains that NSO offers zero-click exploitation technology.
In a zero-click attack, the hacker does not send phishing or a suspicious link when working calmly in the background.
“Short does not use the device, there is no way to prevent exploitation with zero click exploitation; this is a weapon that has no defense,” said the Google Zero project team that analyzed and examined the threat of cybersecurity.
On iPhone, Google said, the initial entry point for Pegasus is the iMessage.
So if the attacker has an Appleid username or telephone number, they can target the victim.
Using the Fake Gif Tricks of the victim will get a GIF file but in fact, while the file name has a .gif in the end, it’s actually not a GIF file.
“Using this” fake gif “trick, more than 20 codec images suddenly become part of the surface of the zero-click iMessage attack, including some very unclear and complex formats, describing remotely maybe hundreds of thousands of lines of code,” Google explained.
Apple, as in Google, has fully removed the GIF codakath which can cause the attack with iOS 15 in September 2021.
Using extreme compression is the days when bandwidth or storage is a big problem like before.
However, the compression technique was used in the 90s and was still used.
Google said that in the 90s, a picture codec called JBig2 was used to compress the image where pixels could only be black or white.
Many PDF files a few years ago are PDFs likely to have a JBIG2 stream in it.
There are many old algorithms that are still used, which are exploited for attacks like Pegasus.
In an interview with Wired, Project Zero Ian Beer and Samuel Groß said that hacking is equivalent to spying on the natio elite level.
“This is equivalent to the ability of serious nations,” he said.
“It’s a very sophisticated thing, and when it’s seen by all gas autocrats, without brakes, it’s really scary.
And it just makes you wonder what else is out there that is used now just waiting to be found.
If This is a type of threat faced by civil society, it’s really emergency.
“
Google explains how Pegasus is used to hack the iPhone
