"This is the largest forensically documented cluster of such attacks and infections on record."
From Ronan Farrow's "How Democracies Spy on Their Citizens" ($) posted Monday by the New Yorker:
One afternoon last month, Jordi Solé, a pro-independence member of the European Parliament, met a digital-security researcher, Elies Campo, in one of the Catalan parliament’s ornate chambers. Solé, who is forty-five and wore a loose-fitting suit, handed over his cell phone, a silver iPhone 8 Plus. He had been getting suspicious texts and wanted to have the device analyzed.
Campo, a soft-spoken thirty-eight-year-old with tousled dark hair, was born and raised in Catalonia and supports independence. He spent years working for WhatsApp and Telegram in San Francisco, but recently moved home. “I feel in a way it’s a kind of duty,” Campo told me. He now works as a fellow at the Citizen Lab, a research group based at the University of Toronto that focusses on high-tech human-rights abuses.
Campo collected records of Solé’s phone’s activity, including crashes it had experienced, then ran specialized software to search for spyware designed to operate invisibly. As they waited, Campo looked through the phone for evidence of attacks that take varied forms: some arrive through WhatsApp or as S.M.S. messages that seem to come from known contacts; some require a click on a link, and others operate with no action from the user. Campo identified an apparent notification from the Spanish government’s social-security agency which used the same format as links to malware that the Citizen Lab had found on other phones. “With this message, we have the proof that at some point you were attacked,” Campo explained. Soon, Solé’s phone vibrated. “This phone tested positive,” the screen read. Campo told Solé, “There’s two confirmed infections,” from June, 2020. “In those days, your device was infected—they took control of it and were on it probably for some hours. Downloading, listening, recording.”
Solé’s phone had been infected with Pegasus, a spyware technology designed by NSO Group, an Israeli firm, which can extract the contents of a phone, giving access to its texts and photographs, or activate its camera and microphone to provide real-time surveillance—exposing, say, confidential meetings. Pegasus is useful for law enforcement seeking criminals, or for authoritarians looking to quash dissent. Solé had been hacked in the weeks before he joined the European Parliament, replacing a colleague who had been imprisoned for pro-independence activities. “There’s been a clear political and judicial persecution of people and elected representatives,” Solé told me, “by using these dirty things, these dirty methodologies.”
In Catalonia, more than sixty phones—owned by Catalan politicians, lawyers, and activists in Spain and across Europe—have been targeted using Pegasus. This is the largest forensically documented cluster of such attacks and infections on record. Among the victims are three members of the European Parliament, including Solé. Catalan politicians believe that the likely perpetrators of the hacking campaign are Spanish officials, and the Citizen Lab’s analysis suggests that the Spanish government has used Pegasus. A former NSO employee confirmed that the company has an account in Spain. (Government agencies did not respond to requests for comment.) The results of the Citizen Lab’s investigation are being disclosed for the first time in this article. I spoke with more than forty of the targeted individuals, and the conversations revealed an atmosphere of paranoia and mistrust. Solé said, “That kind of surveillance in democratic countries and democratic states—I mean, it’s unbelievable.”...
Last year, as the Washington Post reported and Apple disclosed in a legal filing, the iPhones of eleven people working for the U.S. government abroad, many of them at its embassy in Uganda, were hacked using Pegasus. NSO Group said that, “following a media inquiry” about the incident, the company “immediately shut down all the customers potentially relevant to this case, due to the severity of the allegations, and even before we began the investigation.” The Biden Administration is investigating additional targeting of U.S. officials, and has launched a review of the threats posed by foreign commercial hacking tools.
My take: Farrow, whose investigative reporting helped take down Hollywood mogul Harvey Weinstein -- and failed to take down Supreme Court Justice Brett Kavanaugh -- takes a long ride on Pegasus in this week's New Yorker.
iOS 14.8 released Sept 2021 “Fixes the FORCEDENTRY bug, a zero-click exploit that was used by the NSO Group to deploy Pegasus spyware”
I sure hope the New Yorker featured this prominently.
I tried a Google search for an Android security update similar to iOS. Did not find. GitHub has a tool called MVT to detect if your iOS or Android phone is infected with Pegasus.
It took Apple years to get this patch out. Pegasus was first discovered in 2016.
So weird. Speaking of Pegasus, I was just browsing, trying to figure out when and maybe why the tech market turned negative. As I just posted in PED’s “Premarket: Apple is Red” story, here’s what I found:
“It seems to me that the present market malaise started around 7/18/2021. On that day, this revelation hit the news from the Washington Post:
“Military-grade spyware licensed by an Israeli firm to governments for tracking terrorists and criminals was used in attempted and successful hacks of 37 smartphones belonging to journalists, human rights activists, business executives and two women close to murdered Saudi journalist Jamal Khashoggi, according to an investigation by The Washington Post and 16 media partners.””
“It took Apple years to get this patch out. Pegasus was first discovered in 2016.”
And this is Apple we’re talking about. It boggles the mind to think what kind of an effort it would take to do the same for Android and Android spin-offs….
And then there’s Microsoft operating systems, and Oracle, and…OMG.