NSO Targets: A List of People Infected With Pegasus Spyware

Omer Benjakob has put together a helpful list of NSO targets that includes every individual believed to have been infected with the group’s Pegasus spyware.

So far, targets have been found across the world: from India and Uganda to Mexico and the West Bank, with high-profile victims including U.S. officials and a New York Times journalist. Now, for the first time, Haaretz has assembled a list of confirmed cases involving Pegasus spyware.

Saudi Activist With EFF Sues DarkMatter Group for Hacking iPhone

Saudi human rights activist Loujain AlHathloul, along with the Electronic Frontier Foundation, is suing DarkMatter for hacking her iPhone. DarkMatter Group was created and run by former U.S. intelligence operatives.

Reuters broke the news about the hacking program called Project Raven in 2019, reporting that when UAE transferred the surveillance work to Emirati firm DarkMatter, the U.S. operatives, who learned spycraft working for the National Security Agency and other U.S. intelligence agencies, went along and ran DarkMatter’s hacking program, which targeted human rights activists like AlHathloul, political dissenters, and even Americans residing in the U.S.

Hacking US Diplomats in Uganda May Have Led to NSO Group Downfall

ArsTechnica shares the story of how U.S. diplomats in Uganda were hacked by Pegasus, a spyware tool from NSO Group.

Israeli and US officials declined to confirm that the Ugandan hack directly triggered a decision to blacklist NSO. But one US official who discussed the issue with Israel’s defense ministry said: “Look at the entire sequence of events here—this is careful, not by chance.” He added that putting NSO, one of the jewels of Israel’s tech community, on a US blacklist was designed to “punish and isolate” the company.

'FinSpy' Spyware is Adept at Hiding Itself With a Four-Layer Method

FinSpy, a well-known piece of spyware from German company FinFisher, is good at hiding. Researchers at Kaspersky have reverse-engineered the malware.

In addition to a four-layer obfuscation method, the spyware also now employs a UEFI (Unified Extensible Firmware Interface) bootkit for infecting its targets, and it also encrypts the malware in memory, according to the researchers. The Kaspersky team’s research began in 2019, and they are finally sharing their findings today at Kaspersky’s online Security Analyst Summit.

Facebook Tried to Buy a Hacking Tool to Spy on iPhone Users

According to court filings, when Facebook was in the early stages of building its spyware VPN called Onavo Protect, it noticed that it wasn’t as effective on Apple devices as it was on Android. So Facebook approached a hacking group called NSO Group to use its Pegasus malware.

According to the court documents, it seems the Facebook representatives were not interested in buying parts of Pegasus as a hacking tool to remotely break into phones, but more as a way to more effectively monitor phones of users who had already installed Onavo.

A Fix For That Scary WhatsApp Exploit is Live

An Israeli firm called NSO Group used a WhatsApp exploit to inject spyware on target devices. A fix for the exploit is live.

Given the stealthy way the attack was attempted, it’s impressive that WhatsApp caught it as quickly as they did. Engineers at Facebook have been busy sorting this one out over the weekend…Named CVE-2019-3568…affected versions include…WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51.

Facebook Shuts Down Onavo Spyware...We Think

Facebook is shutting down its Onavo spyware VPN and associated “research” app. That is, if you believe anything Facebook says.

To preempt any more scandals around Onavo and the Facebook Research app and avoid Google stepping in to forcibly block the apps, Facebook is now taking Onavo off the Play Store and stopping recruitment of Research testers. That’s a surprising voluntary move that perhaps shows Facebook is finally getting in tune with the public perception of its shady actions.

Eh, I wouldn’t go that far. Not with Facebook blaming users when it screws them over.

How Former U.S. Hackers Broke Into iPhones For UAE

A team of former U.S. hackers broke into iPhones for the United Arab Emirates. They used a spying tool called ‘Karma.’

Karma was used by an offensive cyber operations unit in Abu Dhabi comprised of Emirati security officials and former American intelligence operatives working as contractors for the UAE’s intelligence services. The existence of Karma and of the hacking unit, code named Project Raven, haven’t been previously reported.

Sounds like a powerful tool. They could remotely break into iPhones just by uploading phone numbers or email accounts into an automated system. It didn’t work on Android phones.