A new type of malware released by Financial times put the cyber world under strain due to the scope of the attack, which could affect users of the Apple, gives Amazon, of Google and from Microsoft.
Created by NSO Group an Israeli company known for developing and selling iOS spy software such as the Pegasus , the new spyware can allegedly break into both a user's iCloud account and their own iPhone, as well as smartphones running Android.
In addition, the tool is also capable of collecting third party applications installed on these devices, especially those that communicate over “encrypted and secure” connections such as WhatsApp and Telegram.
In detail, spy software is capable of cloning the authentication code used to access services such as iCloud. It can also take the profile of a user's device in an attack known as man-in-the-middle ("Man in the middle"), allowing the attacker to download the data they want from the origin server, making requests that seem to come from the source device.
Attackers using the tool are able to access a range of private information, including the complete history of location data, archived messages or photos. In addition, they can receive text messages saved on iCloud and clone Facebook user credentials, for example a really complete attack.
Like most spyware, the attack promoted by NSO Group software can happen silently, but it does not require the user to enter his cracker passwords or credentials in any way as usual.
To Financial times, Apple has not denied the existence of "tools that can perform targeted attacks on a small number of devices", and that such software is not capable of generating "widespread attacks against consumers."
At the same time, Microsoft said it is “continuously evolving” its protections. She and Amazon said they were investigating the case.
Image: Cristian Dina / Shutterstockvia 9to5Mac
