In the scandal surrounding the Pegasus spy software, the technology group Apple is suing the Israeli developer NSO Group. This should be prohibited from using any Apple devices and software. This should prevent "further abuse of and damage to" Apple users. The lawsuit also calls for an unspecified reparation for spying on users because this violated US law.
In the lawsuit filed with a US federal court in the Californian city of San José, Apple said that employees of the NSO Group were "amoral mercenaries of the 21st century". These have created a highly developed cyber-surveillance machinery that "encourages routine and shameless abuse".
"Government-backed actors" like the NSO Group are spending millions of dollars on sophisticated surveillance technologies without being effectively accountable, said Craig Federighi, Apple's senior vice president responsible for software development. "That needs to change." In addition to the lawsuit, Apple announced a donation of ten million dollars (8.9 million euros) to researchers in the field of cyber surveillance. Possible compensation payments from the lawsuit would also be donated.
The US Department of Commerce imposed sanctions on the NSO Group
The starting point of the lawsuit is research published in July by 17 international media outlets, which revealed that the telephones of hundreds of business people, journalists, politicians and human rights activists in various countries had been monitored with the help of Pegasus. The software developed by the NSO Group can access data on a telephone unnoticed. The software is also able to switch on the device's camera and microphone without being noticed.
In response to the Pegasus scandal, the US government imposed sanctions on the NSO Group in early November. The US Department of Commerce said the spyware had allowed authoritarian governments to target foreign government critics, journalists and activists in order to silence them. The NSO Group's blacklisting of the US Department of Commerce limits possible US technology exports to the Israeli company.
'Israel Involved In Cyber Attacks On Middle East'
The NSO Group reacted with incomprehension to the US decision and was dismayed. The company claims that its software was developed for the fight against crime and terrorism: Pegasus is "only sold to law enforcement agencies and secret services of audited governments with the sole aim of saving human lives by preventing crimes and acts of terrorism". In Germany, the Federal Criminal Police Office (BKA) bought and used the controversial spy software . According to media reports from October, it was also used by the Federal Intelligence Service (BND).
WhatsApp has been suing NSO for years. The chat service belonging to the Facebook group Meta accuses the company of illegally exploiting its systems to monitor users.
WHAT CAN PEGASUS DO?
Pegasus is currently considered by experts to be the most powerful surveillance program for cell phones and is classified as a cyber weapon. NSO has continuously developed its flagship product. Initially, an SMS was sent with a link that the victim had to click. Only then could Pegasus install itself on the device. In the meantime, the owner of a cell phone no longer even notices when the device is attacked by the espionage program.
NSO Pegasus Spy Software | Why One Of The Pegasus Inventors Became A Dropout
NSO goes to great lengths to find unknown security holesin all programs that run on a mobile phone. 860 programmers work for the company. A large part of them are busy finding such gaps in apps and mobile operating systems.
One person with insider knowledge said the average number of targets per customer per year was 112. With 45 customers that would be a little over 5,000 targets attacked with Pegasus.
IMESSAGE AS A BACK DOOR
NSO currently uses the iMessage service on iPhones to sneak into the device. Whoever deactivates the program blocks this access. But this is not a real protection, because every app is a potential gateway and NSO is constantly researching gaps in such apps. In addition, the company buys information about so-called zero-day gaps - previously unknown vulnerabilities - from third parties in order to then exploit this for its own purposes.
Turning the cell phone off and on again does not help to get rid of the surveillance program. Even an update of the system software doesn't hold up NSO for long. Pegasus deletes itself under certain conditions in order not to be exposed. But users can always reintroduce the tool as long as NSO finds ways to do it.
TEXT, WORD, IMAGE: ALL DATA IS COLLECTED
At five megabytes, Pegasus is relatively small, but it can do a lot. If the software is installed on a cell phone, it begins to collect all kinds of data: phone book entries, saved pictures, all messages and e-mails, browser history, calendar entries. This information is then sent encrypted to a server of the NSO customer as long as the spied mobile phone has a network connection. If there is no connection, Pegasus collects the data and waits until one is established again.
Pegasus Surveillance Software || Vulnerable
In addition to this passive collection, Pegasus can also be used actively. For example, the customer can instruct the software to collect location data, that is, to reveal where the owner is. Pegasus can also turn the cell phone into a bug. Without it being visible, the software can turn on all cameras and microphones and record everything that is said and done near the device. Of course, all calls can also be overheard.
ENCRYPTION DOESN'T HELP
Since Pegasus accesses all data directly on the device, any form of encryption is bypassed. Messenger like Signal or Telegram encrypt every message, but only after it has been written. Pegasus is already watching while writing.
All of the collected data can also be searched, sorted according to time, and linked to other information. If you are attacked with Pegasus, you are no longer alone in your digital life. Every contact, every plan, every movement becomes visible to the attacker.
Do You Know What We Have Posted on
0 Comments