Israeli Security Firm Claims Spyware Tool Can Harvest iCloud Data in Targeted iPhone Attack

Discussion in 'Politics, Religion, Social Issues' started by MacRumors, Jul 19, 2019.

  1. MacRumors macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    An Israeli security firm claims it has developed a smartphone surveillance tool that can harvest not only a user's local data but also all their device's communications with cloud-based services provided by the likes of Apple, Google, Amazon, and Microsoft.

    [​IMG]

    According to a report from the Financial Times [paywalled], the latest Pegasus spyware sold by NSO Group is being marketed to potential clients as a way to target data uploaded to the cloud. The tool is said to work on many of the latest iPhones and Android smartphones, and can continue to harvest data even after the tool is removed from the original mobile device.
    Attackers using the malware are said to be able to access a wealth of private information, including the full history of a target's location data and archived messages or photos, according to people who shared documents with the Financial Times and described a recent product demonstration.

    When questioned by the newspaper, NSO denied promoting hacking or mass-surveillance tools for cloud services, but didn't specifically deny that it had developed the capability described in the documents.

    In response to the report, Apple told FT that its operating system was "the safest and most secure computing platform in the world. While some expensive tools may exist to perform targeted attacks on a very small number of devices, we do not believe these are useful for widespread attacks against consumers." The company added that it regularly updates its operating system and security settings.

    The news raises concerns that such spyware could be used by repressive regimes and other shady attackers to monitor members of the public. In May, for example, WhatsApp disclosed a vulnerability that allowed hackers to remotely exploit a bug in the app's audio call system to access sensitive information on an iPhone or Android device.

    Security researchers said that the spyware that took advantage of the WhatsApp flaw featured characteristics of the Pegasus spyware from NSO Group, which maintains that its software, costing millions of dollars, is only sold to responsible governments to help prevent terrorist attacks and criminal investigations.

    However, the WhatsApp flaw was used to target a London lawyer who has been involved in lawsuits against the NSO Group, and security researchers believe others could have been targeted as well.

    Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

    Article Link: Israeli Security Firm Claims Spyware Tool Can Harvest iCloud Data in Targeted iPhone Attack
     
  2. Pbrutto macrumors 6502a

    Pbrutto

    Joined:
    Apr 21, 2015
    Location:
    Eastern PA
    #2
    Not surprised, encryption of iCloud communication and storage has been a frequently mentioned topic. If Apple gets on full encryption, we would all be better off.

    Also, can we talk about how Apple isn’t offering iCloud Mac backups yet? Think of how much $ they are leaving on the table. Actually, I’m shocked they aren’t ready for this yet, they would be raking in the cash from people upgrading their storage to do backups.
     
  3. jayducharme macrumors 68040

    jayducharme

    Joined:
    Jun 22, 2006
    Location:
    The thick of it
    #3
    The cat-and-mouse game continues. There will be a market for this as long as governments don’t trust their citizens and citizens don’t trust their government.
     
  4. thasan macrumors 65816

    Joined:
    Oct 19, 2007
    Location:
    Germany
    #4
    their claims about selling it to only legitimate authorities are as filmsy as it gets.
    i wonder who audits their claims
     
  5. centauratlas macrumors 65816

    centauratlas

    Joined:
    Jan 29, 2003
    Location:
    Florida
    #5
    And even if they were 100% honest, eventually they themselves will get hacked and their honesty wouldn't matter in the least.
     
  6. Marshall73 macrumors 68000

    Marshall73

    Joined:
    Apr 20, 2015
    #6
    As it requires root access to the device its not capable of 'drive by' attacks but only targeted attacks. if you are a journalist / official etc I would keep a close eye on your kit.
    --- Post Merged, Jul 19, 2019 ---
    If you use 'Documents in the cloud' then your Mac is effectively backed up already.
     
  7. decafjava macrumors 68040

    decafjava

    Joined:
    Feb 7, 2011
    Location:
    Geneva
    #7
    I am sure these firms are working indirectly for the three-letter agencies.
     
  8. Mactendo macrumors 68000

    Joined:
    Oct 3, 2012
    #8
    That’s how the things like The Fappening happen. I never believed in some random hackers acting on their own against famous people on such large scale.
     
  9. Heineken macrumors 65816

    Heineken

    Joined:
    Jan 27, 2018
    #9
    He is probably talking about iOS like backups. When you can restore your device during the setup with all the documents and settings.
     
  10. Daku93 macrumors regular

    Joined:
    Oct 29, 2010
    #10
    If encrypted iCloud Mac Backups were available, I would instantly upgrade my iCloud Plan to 1TB. This would be awesome
     
  11. nwcs macrumors 68000

    nwcs

    Joined:
    Sep 21, 2009
    Location:
    Tennessee
    #11
    I wonder how this can be detected by a user? I’m thinking of various countries now, and more likely in the future, that want to confiscate your phone at a border crossing/airport international arrival. Would they all install this as a matter of course? It makes me think one might consider setting up a fake iCloud account and tie your phone into that while traveling and wipe/restore your phone to the original iCloud account after passing through the borders.
     
  12. M.PaulCezanne, Jul 19, 2019
    Last edited: Jul 19, 2019

    M.PaulCezanne macrumors 6502a

    M.PaulCezanne

    Joined:
    Mar 5, 2014
    #12
    Yes, but I like the fact that iCloud, while synch not backup, provides an extra point of failure for my backup system - at least with respect to hardware failure. Online backup at a different provider (other than iCloud) might provide a more diverse backup system.
    --- Post Merged, Jul 19, 2019 ---
    One reason I feel FAR more comfortable with Apple than say Google or Samsung is I'm relatively confident they'll be all over a fix for this. I hope I'm justified in feeling this way.
     
  13. LordVic macrumors 603

    Joined:
    Sep 7, 2011
    #13
    As they are a company in a fairly western democracy, that will be regularly audited by both government and private regulators and accounting firms, the liklihood of what you're claiming is probably low.

    however. One of their customers "leaking" or being hacked ad having it stolen? Probably high.

    Like almost all security exploits, once it's discovered by one team, the cat is out of the bag and others will likely follow and repeat the exploit.
     
  14. Mactendo macrumors 68000

    Joined:
    Oct 3, 2012
    #14
    Oh, please.
     
  15. M.PaulCezanne macrumors 6502a

    M.PaulCezanne

    Joined:
    Mar 5, 2014
    #15
    I hesitate to believe a company that sells hi-tech spyware.
     
  16. DCIFRTHS macrumors 6502a

    DCIFRTHS

    Joined:
    Jan 25, 2008
    #16
    Just to make sure I understand: Someone need physical access to the device to deploy this spyware, correct?

    Are we sure that it can’t be deployed through some compromised app, or other What’s App style deployment?
     
  17. Mr_Brightside_@ macrumors 68040

    Mr_Brightside_@

    Joined:
    Sep 23, 2005
    Location:
    Toronto
    #17
    In my experience, the average user doesn't understand the importance of backing up until their first hard drive failure.
     
  18. Mobster1983 macrumors 6502a

    Joined:
    Sep 8, 2011
    #18
    "Responsible governments."
     
  19. Osamede macrumors 6502a

    Joined:
    Oct 28, 2009
    #19
    Snowden revelations say they are all uniformly irresponsible when it comes to disrespect of privacy. So it’s all one big kabuki theatre then...
     
  20. lkrupp macrumors 6502a

    Joined:
    Jul 24, 2004
    #20
    So explain to me how this gets installed on an iOS device. You can’t sideload anything without jailbreaking first, right? Apple’s App Store would have to miss the malware in its review process before it could made available to users, right? Sounds like the perpetrator would need physical access to the iOS device, right? Again, how does this make its way onto my iPhone 8?
     
  21. Phil A. Moderator

    Phil A.

    Staff Member

    Joined:
    Apr 2, 2006
    Location:
    Shropshire, UK
    #21
    I'd have to disagree with that statement - while a synced copy of your documents on iCloud is better than nothing, it is definitely not a backup.

    Firstly, Anything that isn't in the synced folders doesn't get copied over to iCloud

    Secondly, I believe versions only exist for iWork documents so if you mess up any other kind of document or it gets encrypted by ransomware for example, that messed up copy will immediately sync to iCloud and any other device connected to it and if there are no versions stored then you have lost it

    In my view, backups should be immutable and no sync service can replace a backup
     
  22. rp2011 macrumors 65816

    rp2011

    Joined:
    Oct 12, 2010
    #22
    That’s the least of it. These types of exploits out in the wild is a whole lot of hurt. Especially in the hands of a petty criminals.
     
  23. MacBH928 macrumors 68040

    MacBH928

    Joined:
    May 17, 2008
    #23
    By now I think its general knowledge not to upload anything you don't want other to look at to the cloud no matter how "secure" or "encrypted" it is...just a matter of time.

    Have you thought that it is not a pleasurable experience to upload 500GB to the cloud, and restore it back down? You are much better off with a USB3 1TB $60 HDD. Not to mention things like cap limit by ISPs.
     
  24. tdar macrumors 6502a

    Joined:
    Jun 23, 2003
    Location:
    Alpharetta GA.
    #24
    A major problem with the creation of such software is located within this quote from the post:

    Responsible Governments. How does one define that? In who's eyes and with who's prospective are they being deemed "responsible"? Might that be subject to change? Governments change. So do their level of reasonableness. Could a government that at one time was deemed to be "responsible" become less so and then provide the software to one that is in no way "responsible,"even by stealing the software?
    Might they then allow the software to fall into criminal hands that it was never intended for?

    Lots of issues. I see more problems created by this software than fixes.
     
  25. Sasparilla macrumors 65816

    Joined:
    Jul 6, 2012
    #25
    Guessing Apple hasn't done end to end iCloud encryption, both for the fact that they need to rescue users (probably constantly), but probably also from pressure from the U.S. government (so they can have Apple unlock people's iCloud stuff with a warrant) - remember when the U.S. govt was putting all this pressure on Apple about encryption and then they just basically stopped - guessing a gentleman's agreement took place with Apple saying they wouldn't E2E iCloud if the U.S. Govt backs off.

    Don't put up anything into iCloud you wouldn't want to be hauled out into a court of law for any reason. For privacy's sake, just back up locally with encryption (which iTunes still supports) and your good. If your worried about your messaging use Signal or maybe Wickr. JMHO
     

Share This Page

127 July 19, 2019