Israeli security firm NSO Group claims it has developed a smartphone surveillance tool that can not only gather data from a smartphone’s local storage, but also harvest all of the device’s communications with cloud-based services, such as Apple’s iCloud, as well as services form Amazon, Google, and Microsoft.
A report from the Financial Times (via MacRumors) says the latest version of Pegasus spyware sold by NSO Group is being promoted to potential customers as a way to target data users have uploaded to the cloud. The tool reportedly works on many of the latest Android and iPhone devices, and can continue to gather data even after the tool has been removed from the device.
The new technique is said to copy the authentication keys of services such as Google Drive, Facebook Messenger and iCloud, among others, from an infected phone, allowing a separate server to then impersonate the phone, including its location.
This grants open-ended access to the cloud data of those apps without “prompting 2-step verification or warning email on target device”, according to one sales document.
Anyone using the spyware is said to be able to access such private information as the full history of the targeted user’s location data, archive messages and photos, and more. The Financial Times says its sources shared documents and described a recent product demonstration.
When contacted by the publication, NSO denied that it was promoting surveillance tools for cloud services, but didn’t go so far as to deny that it had developed such capabilities.
When contacted for comment on the report, an Apple spokesperson told the Times the company’s operating system is “the safest and most secure computing platform in the world. While some expensive tools may exist to perform targeted attacks on a very small number of devices, we do not believe these are useful for widespread attacks against consumers,” adding that it regularly updates its operating systems and security settings.
This report likely has tech firms scrambling to learn more about the alleged technique and looking for ways to strengthen their security protocols in the future.
NSO Group is the firm responsible for the widely-publicized WhatsApp hack, which allowed the installation of Pegasus spyware on unsuspecting users’ smartphones.