もっと詳しく

The Pegasus NSO spyware scandal by Israeli police has revealed rare screenshots of the app in action while remotely accessing a compromised smartphone.

A series of screenshots show that spyware does everything from displaying the contents of WhatsApp messages to activating a camera to spy on the owner’s surroundings…

Quick Primer Pegasus

Here is our quick guide to Pegasus for those unfamiliar.

The NSO Group produces spyware called Pegasus that is sold to government and law enforcement agencies. The company buys so-called zero-day vulnerabilities (those unknown to Apple) from hackers, and its software is said to be capable of installing zero-click exploits when the target requires no user interaction.

In particular, it is reported that simply receiving a certain iMessage – without opening it or interacting with it in any way – can lead to an iPhone being compromised, revealing personal data.

The NSO only sells Pegasus to governments, but its clients include countries with a very poor human rights record where political opponents and others are targeted.

The US government banned the import and use of Pegasus, depriving the company of its most lucrative customer base: US law enforcement. Apple stepped up the pressure by suing the company and warning owners of infected iPhones. This has put the company under extreme financial pressure, which could lead to its disappearance or worsening.

Pegasus Screenshots

The screenshots (above and below) came from an investigative report by financial publication Calcalist regarding the potential illegal use of Pegasus by police in Israel. They are showing:

Phone microphone activation for real-time listening of the owner and everyone with him

This led to a formal investigation led by Deputy Attorney General Amit Merari, whose report included a presentation prepared for the government cabinet at the time. The slide presentation was designed to show how the police used spyware, although it is not yet known if it was actually presented to the ministers.

Haaretz reports on the features shown in the presentation.

The screenshots show a wide range of tools that the police intended to use once the device was infected. One of the images shows a WhatsApp conversation between a certain “John Doe” and a woman who can be recognized by name.

The woman was a sales manager at NSO, so in addition to demonstrating the capabilities of the system, she also demonstrated a connection to the company. This is not the only case. There are also details of other conversations between said John Doe and five other NSO employees.

Another feature of Seifan mentioned in the presentation is the interception of incoming and outgoing phone calls. In addition to this ability, which seems to be relatively routine in the world of intelligence surveillance, there is another one, known in the professional parlance as “loud listening” and considered much more intrusive.

Simply put, this means listening to telephone conversations in real time in the environment of the device by remotely activating the microphone of the device. This type of wiretapping requires an order from the president of the district court or his deputy.

The list of possibilities that the police intended to outline goes beyond wiretapping and includes remote control of a camera on a “infected” device, an act that is most likely illegal since the law does not expressly allow the installation of hidden cameras and, of course, not allow remote control of the camera by hacking the suspect’s mobile device.

The NSO has had many different versions of the Pegasus and it is not clear if this version was ever used outside of Israel, but it matches the widely known capabilities of the version used in the US. It was the knowledge of such possibilities that led whistleblower Edward Snowden to insist that anyone who meets him should put their phone in the microwave to block radio transmissions.

You can see other screenshots below. Right click and open the image in a new tab to see it in full size.

The post Screenshots of Pegasus show him secretly activating his microphone and camera appeared first on Gamingsym.