• Home
  • blog
  • Security companies report on "...
Security companies report on "Pegasus" spyware methods that exploit the iOS vulnerability "Trident"

Security companies report on "Pegasus" spyware methods that exploit the iOS vulnerability "Trident"

Researchers have disclosed more information about the advanced spyware discovered in August. The spyware was able to exploit three separate vulnerabilities to monitor "iPhone" users.

These three "iOS" vulnerabilities are called "Trident". Exploitation of Trident by an attacker could lead to the jailbreak of the targeted iPhone and the installation of "Pegasus" mobile spyware. Pegasus was able to completely break through the security of the targeted smartphone, allowing an attacker to monitor and track any action on the device.

At Black Hat Europe, Lookout researchers have released new information on Trident, and how Pegasus can evade detection extremely effectively.

After a click on a spear phishing link sent by a text message triggers a break into the target iPhone, Pegasus monitors the device and detects it from the user or device while stealing the desired data. Take various steps to avoid being done altogether.

iOSの脆弱性「Trident」を突く「Pegasus」スパイウェアの手法などをセキュリティ企業がレポート

First, it prevents infected users from updating security and removing Pegasus spyware from their devices by preventing infected iPhones from downloading updates at all.

In addition, Pegasus will clear the cache of the mobile version of the Safari browser. This is to keep users unaware that Pegasus is tracking Internet records. If the attacker then determines that it has collected all the necessary information about the target, Pegasus deletes itself.

It can remain undetected, allowing an attacker to monitor a target through text messages, calls, or using the device's microphone, camera, and location information.

Pegasus can also use the targeted iPhone to access a wireless internet connection to further track users and understand where they visit and what they do. Even if the target uses encrypted communication, it is not secure. Pegasus also has the ability to intercept it.

A security update released by Apple following Lookout's disclosure of the vulnerability should ensure the security of the user's device for the time being. Meanwhile, Microsoft says companies should rethink their unwavering trust in iOS as a managed ecosystem.

This article was edited by Asahi Interactive for Japan from an article from overseas CBS Interactive.

Category

Hot Articles

For those who have become close contacts and those who are suspected of having close contacts 18/03/2022
Replenishment charging is no problem Surprising new common sense of battery | NIKKEI 16/03/2022
I-Grid Solutions Started demonstration experiment of "REAL New Energy Platform (TM)" to realize regional circulation business model of surplus solar power generation Company release 23/03/2022
The iPhone XR isn't just "cheap.""8 points" found by using: Product review 04/04/2022
Is the radio wave of the 5G mobile terminal safe?Mechanism of NICT technology to be evaluated | New Switch by Nikkan Kogyo Shimbun 21/03/2022
Was it too early for humanity?Notebook PCs that were "perverted" in a good way 10 selections of (in a good way) perverted notebook PCs that were too early for humankind 17/03/2022
It is clear that the performance and power consumption of the 12th generation Core i9, Apple M1 Max are exceeded 07/04/2022
VERSAND EINES GeschirrspüLers Nach El Corte Ingles 23/08/2022

Tags