Copyright © 2022, Quiller Media, Inc.
AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.
A journalist who was a victim of hacking by Pegasus spyware has revealed their experience in being a target for hacking, including how suspicious messages and "zero-click" exploits led to access to the journalist's smartphone.
An investigation in July highlighted how the NSO Group's Pegasus spyware was used to attack journalists and human rights activists. The spyware, which was intended by NSO Group to only be used for crime prevention and investigative purposes, was misused by some governments to perform surveillance on potentially thousands of activists and journalists.
In a New York Times report, Middle East correspondent Ben Hubbard explains how he became a target, in part due to often speaking to "people who take great risks to share information that their authoritarian rulers want to keep secret." While Hubbard took precautions to protect sources due to the risk of imprisonment or death, he still became a victim of Pegasus hacking.
In working with Citizen Lab, Hubbard found that he had been targeted with a suspicious text message in 2018, thought to have been sent by Saudi Arabia. The publication's tech security team uncovered another hacking attempt from 2018, with a second message sent via WhatsApp, inviting the journalist to a protest at a Saudi Embassy in Washington, complete with a suspicious link.
Neither attempt succeeded, Citizen Lab confirmed, as Hubbard didn't click the links included in each message, though it wasn't the end of the harassment.
Further investigations of Hubbard's device revealed a pair of hacks in 2020 and 2021 that were successful, using a zero-click exploit that didn't require users to click a link to infect. It seems unlikely that the identity of the hacking party will be uncovered, it was discovered that the second hack took place to remove traces left behind from the first.
Pegasus is believed to be used for all of the attacks. NSO Group denied that its products were used in the attacks, that "technical and contractual reasons and restrictions" meant Hubbard couldn't possibly have been a target in the 2020 and 2021 incidents.
The attacks against Hubbard are among a large number using the spyware, which have been condemned by Apple and other organizations around the world.
It is unclear exactly what smartphone Hubbard was using throughout this period, but Pegasus is famous for attacking iPhones, among other devices, taking advantage of various exploits in iOS to defeat on-device security. In September, Apple's release of patches for iOS 14.8 and iOS 12.5.5 plugged security holes that Pegasus abused to take control of a target's iPhone.
A successful infection of Pegasus allowed n attacker practically unlimited access to the iPhone or other device, including being able to extract data, read encrypted messages, enable cameras and microphones, record phone calls, and to track the device's GPS co-ordinates live.
Governments thought to have been NSO clients include Azerbaijan, Kazakhstan, Rwanda, and the UAE, among others considered to have authoritarian regimes. Other more progressive governments have also become customers, including Germany, as was revealed in September.
Imagine if these devices had built in back doors like someone the government want.
Everyone needs to recognize: There are no good guys.
" NSO Group denied that its products were used in the attacks, that "technical and contractual reasons and restrictions" meant Hubbard couldn't possibly have been a target in the 2020 and 2021 incidents.” Right, and we’re supposed to believe them, just like their claim that they only sell to official government entities. And of course, these attacks only happen to iPhone users. Android users are completely safe from Pegasus attacks because of Android’s superior security. All journalists, human rights and political dissidents activists should chuck their iPhones and buy Pixels to protect themselves from prying eyes.
j2fusion said: Imagine if these devices had built in back doors like someone the government want. Actual Time and other so called news outlets were also pushing for back doors so the Government could go after the "Bad Guy" of course the bad guy is anyone government or the media does not like at the time. People have no idea how important privacy is and they want to give everyone else's away until the thought and idea police what to know you they are up too. not sure what this writer is complaining about, if he had nothing to hear why does he care what snooping eye want to see what they are doing.
Actual Time and other so called news outlets were also pushing for back doors so the Government could go after the "Bad Guy" of course the bad guy is anyone government or the media does not like at the time. People have no idea how important privacy is and they want to give everyone else's away until the thought and idea police what to know you they are up too. not sure what this writer is complaining about, if he had nothing to hear why does he care what snooping eye want to see what they are doing.
maestro64 said: j2fusion said: Imagine if these devices had built in back doors like someone the government want. Actual Time and other so called news outlets were also pushing for back doors so the Government could go after the "Bad Guy" of course the bad guy is anyone government or the media does not like at the time. People have no idea how important privacy is and they want to give everyone else's away until the thought and idea police what to know you they are up too. not sure what this writer is complaining about, if he had nothing to hear why does he care what snooping eye want to see what they are doing. To be honest, I trust my government more than I do NSO group.
To be honest, I trust my government more than I do NSO group.
Xu Yanjun, an officer in China's Ministry of State Security (MSS), was caught with the help of an iCloud backup of his iPhone.
The iPhone 14, iPhone 14 Pro, and iPhone 14 Pro Max, alongside the Apple Watch Series 8 and SE ranges are available to buy in Apple Stores worldwide — and Apple has spotlighted the first customers.
The version of iOS 16 that comes preinstalled on the new iPhone 14 range includes a bug that affects activation, and shows up as problems with Messages and FaceTime.
Apple released the Apple Watch Series 8 alongside an updated Apple Watch SE on September 7. Here's how they compare with one another.
Apple made considerable upgrades to the iPhone 14 Pro while making fewer than usual to the iPhone 14. Here's how the two similar-sized flagship iPhone models differ.
Apple's iPhone 14 Pro and iPhone 14 Pro Max have arrived. Here's how they stack up versus the iPhone 13 Pro and Pro Max.
Apple's iPhone 14 is aimed at about the same market that the iPhone SE targets. Here's how it compares to the third-generation iPhone SE.
Apple announced the second generation of AirPods Pro at its "Far Out" event on September 7. Here's how it compares to the first generation.
U.S. antitrust officials ask to be heard in Epic vs. Apple appeal
24 years after original iMac, there's still big demand for floppies
Apple's loaded MacBook Air (M2, 24GB RAM, 1TB SSD) now $100 off, plus $40 off AppleCare
'Breakup mode' - How to make Photos feature people less often
How to set different backgrounds for each Focus Mode in iOS 16
Deals: get an iPhone 14, iPhone 14 Pro for free with wireless carrier promos
The best GaN chargers for recharging your iPhone, iPad & Mac
Full video of Steve Jobs panel with Cook, Ive & Powell Jobs is available
Xu Yanjun, an officer in China's Ministry of State Security (MSS), was caught with the help of an iCloud backup of his iPhone.
The iPhone 14, iPhone 14 Pro, and iPhone 14 Pro Max, alongside the Apple Watch Series 8 and SE ranges are available to buy in Apple Stores worldwide — and Apple has spotlighted the first customers.
The version of iOS 16 that comes preinstalled on the new iPhone 14 range includes a bug that affects activation, and shows up as problems with Messages and FaceTime.
Chargers using gallium nitride offer high wattages in a compact size. Here are some of the best options on the market to recharge your iPhone 14, iPad, Mac, and other Apple devices.
Following the release of its massive iOS 16 update, Apple has already moving on. Here's what we've found hiding in the iOS 16.1 developer beta.
New in iOS 16 is the ability to add widgets to your Lock Screen. We've curated the top third-party apps that have already added support for these highly-visible widgets that you can download now.
Apple's iOS 16 makes the iPhone more customizable than ever. This is the ultimate guide on how to make the iPhone a more personal device.
It's been a rocky road to the iOS 16 launch. Here are the high-profile features that didn't debut in the initial release of Apple's operating system.
Less an overhaul and more refining what's already in place, iOS 16 is all about personalization on top of a retained solid foundation.
With the SwitchEasy four-in-one MagPower multi-charger, you can power up all your gear with a single device — including your Apple Watch with an Apple-certified puck.
The Benks Grand Pro Headphone Stand for AirPods Max is a welcome upgrade over the original. However, it introduces complexity where there was none before — while also ignoring an obvious problem.
Keep tabs on the air quality of your home — including potentially deadly radon levels — with the Airthings View Plus.
Apple didn't make a Magic Keyboard for iPad mini 6, and Lululook's Magnetic Keyboard perhaps acts as a testament to why.
AppleInsider is one of the few truly independent online publications left. If you love what we do, please consider a small donation to help us keep the lights on.
If you love AppleInsider and want to support independent publications, please consider a small donation.