Early this year, we reported about a serious vulnerability in WhatsApp app that will allow hackers to install spyware in your iPhone or Android. The company which discovered this vulnerability was NSO Group. NSO Group is an Israeli company that develops software for spy agencies and governments to collect data from individuals’ devices. Their primary job is to find vulnerabilities in modern devices to steal data! This company is now back with another spyware that will allow spy agencies and governments to scrape all of an individual’s data from the servers of Apple, Google, Facebook, Amazon and Microsoft.
NSO Group’s new spyware will copy the authentication keys of services such as Google Drive, Facebook Messenger, OneDrive, AWS and iCloud from a targeted device, and then use the same authentication keys from separate server to then impersonate the phone. This spyware even takes care of the location data because some services will ask you sign-in again when you use it from different location. With the help of authentication keys, this spyware can access any cloud data. According to the sales pitch that was accessed by FT, NSO Group’s updated spyware Pegasus can be installed on various devices including Android and iOS smartphones.
Google, Microsoft, Facebook and Apple responded to FT’s story with regular PR responses. I hope they are reviewing this issue in the background and release a fix really soon.