According to court filings, when Facebook was in the early stages of building its spyware VPN called Onavo Protect, it noticed that it wasn’t as effective on Apple devices as it was on Android. So Facebook approached a hacking group called NSO Group to use its Pegasus malware.
According to the court documents, it seems the Facebook representatives were not interested in buying parts of Pegasus as a hacking tool to remotely break into phones, but more as a way to more effectively monitor phones of users who had already installed Onavo.
Israel-based NSO Group claims it can harvest iCloud data in targeted attacks. It’s said to be a version of the Pegasus spyware.
Attackers using the malware are said to be able to access a wealth of private information, including the full history of a target’s location data and archived messages or photos, according to people who shared documents with the Financial Times and described a recent product demonstration.
When questioned by the newspaper, NSO denied promoting hacking or mass-surveillance tools for cloud services, but didn’t specifically deny that it had developed the capability described in the documents.
An Israeli firm called NSO Group used a WhatsApp exploit to inject spyware on target devices. A fix for the exploit is live.
Given the stealthy way the attack was attempted, it’s impressive that WhatsApp caught it as quickly as they did. Engineers at Facebook have been busy sorting this one out over the weekend…Named CVE-2019-3568…affected versions include…WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51.
The Saudi regime is known for attacking Saudi dissidents, and iPhone spyware could have helped them do so with the help of NSO Group.