Is spyware from Israel equivalent to "full -fledged hacking" with the support of the nation?Google analysis results are ripples

However, NSO Group finally found a breakthrough.

Forcedentry tricks the platform using the weaknesses of the process that IMESSAGE accepts files such as GIF and "translate", and opens a malicious PDF file without the victims without any victims.The attack is abusing the vulnerabilities of the old -style compression tools used in the processing of texts read in the physical scanner, so that NSO Group customers can completely take over the iPhone.The algorithm in the 1990s, which was basically used for physical copies and scan compression, is still quiet in modern communication software with any defects and burden.

FORCEDENTRYが洗練されている点は、これだけではない。インストールに成功したマルウェアへと指示を送るには、いわゆるC&C（コマンド＆コントロール）サーヴァーが必要になる攻撃が多い。ところがFORCEDENTRYは、独自の仮想環境を構築する。攻撃のインフラ全体が、iMessageの隔離された仮想空間内で実行できることから、攻撃の検出はより困難になる。「かなり驚くべきことであり、同時にかなり恐ろしいことでもあります」と、Project Zeroの研究者は分析結果で結論づけている。

NSO is not an exception

John Scott Railton, senior researcher of Citizen Lab, said that Project Zero deeply delved into technical aspects and analyzed.This is because it not only explains the mechanism of the Forcedentry in detail, but also reveals how excellent and dangerous the malware developed by private companies can be.

"This is comparable to the full -fledged hacking ability with the nation's support," says Scott -Lilton."It's extremely sophisticated, and it would be really scary if it was used by a dictator who runs without a brake, and what other things have been used as usual and have not been discovered yet.I will make me think. If this is the threat that civil society is facing, it is exactly an emergency. "

After many years of discussions, the voices of politicians who accuse private spyware developers may be increasing.For example, as Reuters first reported, 18 US parliamentarians groups sent a letter to the Ministry of Finance and the Ministry of State on December 14 (US time) and sanctioned three NSO Group and three international surveillance companies.I am asking to add it.

"This is not the" NSO exception ". There are many companies that offer similar services, and it is highly likely that they are doing similar things," said Beer and Gross."It's just a story that I found this time was NSO."

* Click here for related articles related to "WIRED".

WIRED SZ Membership "WIRED SZ Membership" will deliver a long -lead (feature -length article) packed with insights (insights) to see the next 10 years according to the weekly theme.Services full of stimuli that can be participated in weekly members -only events are conducting a one -week free trial!Click here for details

Text by Lily Hay Newman