Pegasus spyware found on Downing Street device – researchers say multiple attacks launched
Boris Johnson ‘ticking a lot of boxes’ says Robinson
We use your sign-up to provide content in ways you’ve consented to and to improve our understanding of you. This may include adverts from us and 3rd parties based on our understanding. You can unsubscribe at any time. More info
They also said that the origin of the attacks on No 10 in both 2020 and 2021 was the United Arab Emirates (UAE). Pegasus is sophisticated hacking software developed by the Israeli NSO Group and is perhaps the most powerful piece of spyware ever developed. It can copy incoming and outgoing messages on a phone, as well as harvest photos and record calls.
NSO markets and licences its product to governments around the world, which use it for intelligence gathering.
Experts at the University of Toronto’s Citizens lab said in a report that the spyware was used to target the Prime Minister’s office and also the Foreign Office (FCDO).
However, they were unable to identify specific individuals within No 10 or the Foreign Office who were suspected of being hacked.
Citizen Lab said in a statement: “During the course of our investigations into mercenary spyware, we will occasionally observe cases where we suspect that governments are using spyware to undertake international espionage against other governments.
“The vast majority of these cases are outside of our scope and mission.
“However, in certain select cases, where appropriate and while preserving our independence, we decide to notify these governments through the official channels, especially if we believe that our actions can reduce harm.
“We confirm that in 2020 and 2021 we observed and notified the government of the United Kingdom of multiple suspected instances of Pegasus spyware infections within official UK networks.”
The cyber specialists revealed that the FCDO has been targeted by operators in the UAE, India, Cyprus and Jordan.
The earliest version of Pegasus infected phones using spear-phishing techniques.
Malware would be sent via text message or email and activated when the recipient clicked on the malicious link.
However, NSO developers have since perfected their techniques and can now infect devices through so-called “zero-click” attacks.
The attacks do not require a phone’s user to do anything, as they exploit “zero-day” vulnerabilities.
These are flaws or bugs in an operating system that the mobile phone’s manufacturer does not yet know about and so has not been able to fix.
Joe Biden’s administration placed NSO on a US blacklist last November, after claiming the company had sold surveillance spyware to foreign governments that subsequently used it for “transnational repression”.
Responding to Citizen Lab’s report, an NSO spokesperson said: “NSO continues to be targeted by a number of politically motivated advocacy organisations like Citizen Lab and Amnesty to produce inaccurate and unsubstantiated reports based on vague and incomplete information.
“We have repeatedly cooperated with governmental investigations, where credible allegations merit.
DON’T MISS
Boris Johnson still in talks to issue Wimbledon bans to Russian stars [NEWS]
Boris Johnson seeking £28bn trade deal on a first time trip to India [SPOTLIGHT]
Brexit LIVE: Fishing row erupts as Falklands hammered by tariffs [REVEAL]
“However, information raised regarding these allegations are, yet again, false and could not be related to NSO products for technological and contractual reasons.”
A UK government spokesperson said: “We do not routinely comment on security matters.”
The Toronto University’s cyber experts also alleged that at least 65 Catalan politicians and activists were targeted by Pegasus and Candiru spyware.
Those targeted included Pere Aragonès, president of the Catalan Government, along with European Parliament members, Catalan legislators, jurists, activists and their family members.
Mr Aragonès tweeted: “The operation of mass espionage against Catalan independence is an unjustifiable shame.
“An extremely serious attack on fundamental rights and democracy.”
Source: Read Full Article