Dangerous Android and iOS Spyware Spreads Across 45 Countries
A very powerful kind of Android/iPhone spyware has been found spreading across 45 countries and causing much damage.
Citizen Lab has revealed, in a report dated September 18, 2018, that the Pegasus spyware has been found deployed, over the last two years, against targets that are spread across 45 different countries.
The Citizen Lab report says- "Between August 2016 and August 2018, we scanned the Internet for servers associated with NSO Group’s Pegasus spyware. We found 1,091 IP addresses that matched our fingerprint and 1,014 domain names that pointed to them. We developed and used Athena, a novel technique to cluster some of our matches into 36 distinct Pegasus systems, each one which appears to be run by a separate operator."
The report explains the findings- "We designed and conducted a global DNS Cache Probing study on the matching domain names in order to identify in which countries each operator was spying. Our technique identified a total of 45 countries where Pegasus operators may be conducting surveillance operations. At least 10 Pegasus operators appear to be actively engaged in cross-border surveillance."
Pegasus is developed by NSO Group, an Israeli company that mostly sells to intelligence agencies high-tech surveillance tools used for remotely cracking into iPhones and Android devices. Pegasus, which is known as the most powerful spyware created by the company, is designed to hack Android devices, iPhone and other mobile devices remotely. The hacker can use Pegasus to access text messages, calendar entries, emails, WhatsApp messages, location data, microphone, camera etc on the victim's device. Pegasus has also been used to target human rights activists, journalists etc.
The Citizen Lab report lists the countries that have significant Pegasus operations and has been previously linked to the abusive use of spyware to target civil society. The countries include Bahrain, Kazakhstan, Mexico, Morocco, Saudi Arabia, and the United Arab Emirates.
The report adds, "Pegasus also appears to be in use by countries with dubious human rights records and histories of abusive behaviour by state security services. In addition, we have found indications of possible political themes within targeting materials in several countries, casting doubt on whether the technology is being used as part of “legitimate” criminal investigations."
Citizen Lab also gives out the list of countries where they found suspected NSO Pegasus infections; the list includes Algeria, Bahrain, Bangladesh, Brazil, Canada, Cote d’Ivoire, Egypt, France, Greece, India, Iraq, Israel, Jordan, Kazakhstan, Kenya, Kuwait, Kyrgyzstan, Latvia, Lebanon, Libya, Mexico, Morocco, the Netherlands, Oman, Pakistan, Palestine, Poland, Qatar, Rwanda, Saudi Arabia, Singapore, South Africa, Switzerland, Tajikistan, Thailand, Togo, Tunisia, Turkey, the UAE, Uganda, the United Kingdom, the United States, Uzbekistan, Yemen, and Zambia.
The Citizen Lab had shared with the NSO Group the details of the report, which elicited from the company a response denying the allegations. The Citizen Lab report says, "On 14 September 2018, Citizen Lab Director Ron Deibert sent a letter to two NSO Group principals, Mr. Omri Lavrie and Mr. Shalev Hulio, notifying them of the details of this report, explaining that we had shared an embargoed copy with journalists and offering to publish in full any response they wished to communicate on the record."
Shalev Hulio had reportedly replied on the same day, stating, "Contrary to statements made by you, our product is licensed to government and law enforcement agencies for the sole purpose of investigating and preventing crime and terror. Our business is conducted in strict compliance with applicable export control laws."
Three days later, on September 17, Citizen Lab received a public statement from the NSO Group, in which the company states, "There are multiple problems with Citizen Lab’s latest report. Most significantly, the list of countries in which NSO is alleged to operate is simply inaccurate. NSO does not operate in many of the countries listed. The product is only licensed to operate in countries approved under our Business Ethics Framework and the product will not operate outside of approved countries."
The Statement further adds, "NSO’s Business Ethics Committee, which includes outside experts from various disciplines, including law and foreign relations, reviews and approves each transaction and is authorized to reject agreements or cancel existing agreements where there is a case of improper use."
Citizen Lab has revealed, in a report dated September 18, 2018, that the Pegasus spyware has been found deployed, over the last two years, against targets that are spread across 45 different countries.
The Citizen Lab report says- "Between August 2016 and August 2018, we scanned the Internet for servers associated with NSO Group’s Pegasus spyware. We found 1,091 IP addresses that matched our fingerprint and 1,014 domain names that pointed to them. We developed and used Athena, a novel technique to cluster some of our matches into 36 distinct Pegasus systems, each one which appears to be run by a separate operator."
The report explains the findings- "We designed and conducted a global DNS Cache Probing study on the matching domain names in order to identify in which countries each operator was spying. Our technique identified a total of 45 countries where Pegasus operators may be conducting surveillance operations. At least 10 Pegasus operators appear to be actively engaged in cross-border surveillance."
Pegasus is developed by NSO Group, an Israeli company that mostly sells to intelligence agencies high-tech surveillance tools used for remotely cracking into iPhones and Android devices. Pegasus, which is known as the most powerful spyware created by the company, is designed to hack Android devices, iPhone and other mobile devices remotely. The hacker can use Pegasus to access text messages, calendar entries, emails, WhatsApp messages, location data, microphone, camera etc on the victim's device. Pegasus has also been used to target human rights activists, journalists etc.
The Citizen Lab report lists the countries that have significant Pegasus operations and has been previously linked to the abusive use of spyware to target civil society. The countries include Bahrain, Kazakhstan, Mexico, Morocco, Saudi Arabia, and the United Arab Emirates.
The report adds, "Pegasus also appears to be in use by countries with dubious human rights records and histories of abusive behaviour by state security services. In addition, we have found indications of possible political themes within targeting materials in several countries, casting doubt on whether the technology is being used as part of “legitimate” criminal investigations."
Citizen Lab also gives out the list of countries where they found suspected NSO Pegasus infections; the list includes Algeria, Bahrain, Bangladesh, Brazil, Canada, Cote d’Ivoire, Egypt, France, Greece, India, Iraq, Israel, Jordan, Kazakhstan, Kenya, Kuwait, Kyrgyzstan, Latvia, Lebanon, Libya, Mexico, Morocco, the Netherlands, Oman, Pakistan, Palestine, Poland, Qatar, Rwanda, Saudi Arabia, Singapore, South Africa, Switzerland, Tajikistan, Thailand, Togo, Tunisia, Turkey, the UAE, Uganda, the United Kingdom, the United States, Uzbekistan, Yemen, and Zambia.
The Citizen Lab had shared with the NSO Group the details of the report, which elicited from the company a response denying the allegations. The Citizen Lab report says, "On 14 September 2018, Citizen Lab Director Ron Deibert sent a letter to two NSO Group principals, Mr. Omri Lavrie and Mr. Shalev Hulio, notifying them of the details of this report, explaining that we had shared an embargoed copy with journalists and offering to publish in full any response they wished to communicate on the record."
Shalev Hulio had reportedly replied on the same day, stating, "Contrary to statements made by you, our product is licensed to government and law enforcement agencies for the sole purpose of investigating and preventing crime and terror. Our business is conducted in strict compliance with applicable export control laws."
Three days later, on September 17, Citizen Lab received a public statement from the NSO Group, in which the company states, "There are multiple problems with Citizen Lab’s latest report. Most significantly, the list of countries in which NSO is alleged to operate is simply inaccurate. NSO does not operate in many of the countries listed. The product is only licensed to operate in countries approved under our Business Ethics Framework and the product will not operate outside of approved countries."
The Statement further adds, "NSO’s Business Ethics Committee, which includes outside experts from various disciplines, including law and foreign relations, reviews and approves each transaction and is authorized to reject agreements or cancel existing agreements where there is a case of improper use."
Post a Comment