Connect with us

Science & Tech

Apple issues emergency software update after discovery of ‘zero click’ malware

Published

on

The spyware has been attributed “with high confidence” to Israel’s NSO Group.

Apple has issued an emergency software update after a flaw was found that allowed spyware attributed to Israel’s NSO Group to infect an iPhone, Apple Watch, or Mac computer without the user having to click on anything.

The malware was found on the phone of an unidentified Saudi activist by Canadian internet security watchdog Citizen Lab.

It is the first time that a “zero-click” exploit – an exploit that allows an attacker to hack into the device without requiring the victim to click on anything, meaning they have no chance to catch the attack – has been caught and analysed.

The phone is thought to have been infected in February, although the researchers discovered the malicious code on 7 September and immediately alerted Apple.

The logo of Israeli cyber firm NSO Group is seen at one of its branches in the Arava Desert, southern Israel July 22, 2021. REUTERS/Amir Cohen
Image:NSO Group is an Israeli cyber surveillance firm

Ivan Krstic, head of Apple security engineering and architecture, said: “After identifying the vulnerability used by this exploit for iMessage, Apple rapidly developed and deployed a fix in iOS 14.8 to protect our users.Advertisement

“Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals.”

“While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data,” he added.

Citizen Lab researcher Bill Marczak said there was high confidence that Israeli surveillance firm NSO Group was behind the attack, although it was “not necessarily” being attributed to the Saudi government.

In a statement to Reuters, NSO did not confirm or deny that it was behind the technique, saying only that it would “continue to provide intelligence and law enforcement agencies around the world with life-saving technologies to fight terror and crime”.

Citizen Lab has previously found evidence of zero-click malware being used to hack the phones of some journalists and other targets but Mr Marczak said this was the first time one had been captured “so we can find out how it works”.

A man reads at a stand of the NSO Group Technologies, an Israeli technology firm known for its Pegasus spyware enabling the remote surveillance of smartphones, at the annual European Police Congress in Berlin, Germany, February 4, 2020
Image:Experts say the average user does not need to be too concerned, as such attacks tend to be highly targeted

Security experts have said that the average user does not need to be too concerned, as such attacks tend to be highly targeted, but the exploit was still alarming.

Mr Marczak said that malicious files were put on the Saudi activist’s phone via the iMessage app before the phone was hacked with NSO’s Pegasus spyware.

This meant the phone was able to spy on its user, without them even knowing.

Citizen Lab researcher John Scott-Railton said: “Popular chat apps are at risk of becoming the soft underbelly of device security. Securing them should be top priority.”

In July it was reported that NSO Group’s spyware had been used to target journalists, political dissidents and human rights activists.

NSO Group says that its spyware is only used by governments to hack the mobile phones of terrorists and serious criminals, but a leaked list featuring more than 50,000 phone numbers of interest to the company’s clients suggested that it is being used much more broadly.

More than 1,000 individuals in 50 countries were allegedly selected for potential surveillance – including 189 journalists and more than 600 politicians and government officials, according to Paris-based journalism non-profit Forbidden Stories and Amnesty International, as well as their media partners.

Mr Marczak said on Monday: “If Pegasus was only being used against criminals and terrorists, we never would have found this stuff.”

It has also been reported that the FBI is investigating NSO Group, and Israel has set up a senior inter-ministerial team to examine the allegations surrounding how the spyware is being used.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Science & Tech

COVID-19: Facebook removes Chinese-backed network of fake accounts spreading coronavirus disinformation

Published

on

The false profiles, with links to Chinese-backed agencies, originated and spread false claims the US pressured scientists to blame China for COVID-19.

Facebook has removed hundreds of fake accounts linked to a campaign by China to spread unfounded claims about the pandemic.

The bogus profiles originated claims the US pressured scientists to blame China for COVID-19.

An investigation found these claims were amplified by employees of Chinese state-run companies, soon becoming the subject of domestic news headlines.

“In effect it worked like an online hall of mirrors, endlessly reflecting the original fake persona and its anti-US disinformation,” Ben Nimmo, who leads investigations into disinformation at Meta, the parent company of Facebook and Instagram, said.

The social media company said one of the accounts belonged to a fictitious Swiss biologist named Wilson Edwards.Advertisement

The Wuhan Institute of Virology that it is claimed COVID-19 may have escaped from
Image:The Wuhan Institute of Virology that it is claimed COVID-19 may have escaped from

In July, when the operation began, Mr Wilson’s profile claimed US officials were using “enormous pressure and even intimidation” to get scientists to back calls for renewed investigations into the origin of coronavirus.

Within hours, hundreds of other accounts – some only created only that day – began liking, reposting or linking to the post.

Many of the accounts were later found to be fake, with some of the users posing as westerners and others using likely fabricated profile photos.

Facebook said it found links between the accounts and a tech firm based in Chengdu, China, as well as to overseas employees of Chinese infrastructure companies.

Within a week of the initial post, large media outlets in China were reporting on the claims as if they had been made by a real scientist.

The operation was exposed when Swiss authorities announced in August that they had no record of any biologist with that name.

In all, Meta removed about 600 accounts on Facebook and Instagram that were linked to the network.

China’s Ministry of Foreign Affairs has said in the past that the country’s government does not employ trickery on social media.

Coronavirus emerged in Wuhan, China in December 2019 before spreading around the world.

Different governments, experts and organisations, including the US, have suggested the virus may have come from a lab leak in the city – a claim China vehemently denies.

That theory was dismissed by a team led by the World Health Organisation (WHO) that spent four weeks in and around Wuhan in January and February.

However, their report, released in March, was criticised for not finding sufficient evidence to discard the idea – and the WHO’s director-general has since said there had been a “premature push” to rule out the lab leak theory.

The US carried out their own investigation and came to the same conclusion.

Continue Reading

Science & Tech

Meta: UK competition regulator tells Facebook owner to sell GIF library Giphy

Published

on

The investigation into the acquisition has been acrimonious, with Meta previously being fined £50m by the CMA for deliberately refusing to comply with the regulator’s inquiries.

Facebook’s owner Meta has been issued a legally binding order to sell the GIF library Giphy after an investigation found the takeover “could harm social media users and UK advertisers”.

The Competition and Markets Authority (CMA) launched an in-depth investigation into the deal in April after raising a number of concerns. It subsequently warned of the potential forced sale in August.

Giphy – a website for making and sharing animated images, known as GIFs – was acquired by Facebook (now Meta) in May last year to integrate the GIFs with Instagram, but the CMA has now ordered the acquisition to be unravelled.

Sky News understands Facebook intends to appeal the CMA’s decision. It has four weeks to do so and the appeal would go to a the Competition Appeal Tribunal, which is independent of the CMA.

Meta could potentially challenge that ruling in the UK courts, but only on points of law.Advertisement

Facebook has rebranded to Meta
Image:Facebook’s parent company was renamed Meta last month

Stuart McIntosh, who chaired the independent inquiry into the acquisition, said: “The tie-up between Facebook and Giphy has already removed a potential challenger in the display advertising market.

“Without action, it will also allow Facebook to increase its significant market power in social media even further, through controlling competitors’ access to Giphy GIFs.

“By requiring Facebook to sell Giphy, we are protecting millions of social media users and promoting competition and innovation in digital advertising,” Mr McIntosh explained.

The investigation into the acquisition has seen points of acrimony, with Meta being fined a record £50m by the CMA for deliberately refusing to comply with the regulator’s inquiries.

Meta argued that it has been in compliance with the competition watchdog’s primary orders at all times.

At the time of the fine, the company complained that the CMA delayed for seven months a request to amend these orders which was eventually agreed in what the company described as nearly an identical manner to what had been requested.

When Facebook first merged with Giphy it terminated the image library’s advertising services, “removing an important source of potential competition” according to the CMA.

This was considered “particularly concerning given that Facebook controls nearly half of the £7 billion display advertising market in the UK”.

However in Meta’s response to the preliminary findings, the social media giant described the acquisition as a simple vertical merger and said that Giphy was financially troubled and suggested that its attempts to monetise its GIF library for display advertising were unsuccessful.

“If GIF paid alignments were the promising business model that the CMA believes they are, then one would expect to encounter them in the real-world at scale… Yet that is not the case,” the response stated.

According to the regulator, the acquisition potentially also enabled the social media giant to change the terms of access to the GIF library for its competitors.

“For example, Facebook could require Giphy customers, such as TikTok, Twitter and Snapchat, to provide more user data in order to access Giphy GIFs.

“Such actions could increase Facebook’s market power, which is already significant,” the regulator said.

In its review of the merger, the CMA said it risked entrenching Meta’s market dominance, noting that its platforms (Facebook, Instagram, and WhatsApp) already accounted for 73% of all user time spent on social media in the UK.

A spokesperson for Meta said: “We disagree with this decision. We are reviewing the decision and considering all options, including appeal. Both consumers and Giphy are better off with the support of our infrastructure, talent, and resources.

“Together, Meta and Giphy would enhance Giphy’s product for the millions of people, businesses, developers and API partners in the UK and around the world who use Giphy every day, providing more choices for everyone.”

Continue Reading

Health

COVID-19: Mild and moderate cases during pregnancy doesn’t harm babies’ brains, finds study

Published

on

Parents should be reassured, there is “no evidence that a maternal SARS-CoV-2 infection has any effect on the brain development of the unborn child” say scientists.

Mild and moderate coronavirus infections in pregnant women appear to have no effect on the brain of the developing foetus according to a new study.

Two years into the COVID-19 pandemic “there is evidence that pregnant women are more vulnerable” to the coronavirus, according to a study presented to the Radiological Society of North America (RSNA).

The new study aims to identify what the possible consequences are for the unborn child if the mother is infected during pregnancy, and to study the likelihood of the virus being passed on to the foetus.

“Women infected with SARS-CoV-2 during pregnancy are concerned that the virus may affect the development of their unborn child, as is the case with some other viral infections,” said Dr Sophia Stoecklein, senior author of the study.Advertisement

“So far, although there are a few reports of vertical transmission to the foetus, the exact risk and impact remain largely unclear,” added Dr Stoecklein, from the department of radiology at Ludwig Maximilian University of Munich.

“The aim of our study was to fill this gap in knowledge regarding the impact of a maternal SARS-CoV-2 infection on foetal brain development,” she added.

MRI scans were used to study 33 pregnant women who were infected with COVID-19 during their pregnancy, with the women roughly 28 weeks into the pregnancies at the time of the scan.

The scans were evaluated by radiologists with years of experience in foetal MRIs who found that the brain development in the assessed areas was age-appropriate in all of the children, with no findings indicating any infection affected the brains.

“In our study, there was no evidence that a maternal SARS-CoV-2 infection has any effect on the brain development of the unborn child,” Dr Stoecklein said. “This fact should help to reassure affected parents.”

But she cautioned that only mothers with mild to moderate symptoms who were not hospitalised were included in the study, meaning the impact of “severe infection on brain development in the foetus has not been conclusively determined”.

Continue Reading

Trending Now