Google’s top security experts, Project Zero, are decoding zero-click Pegasus code and publishing it online. They are concerned about its complexity.
Google’s Project Zero cybersecurity specialists are concerned about zero-click attacks, describing them as “terrifying” and stating that all iOS systems might be targeted. Since 2014, when vulnerabilities began to climb to unprecedented heights, Project Zero worked full-time. The team focuses on Google-related assaults, software faults, and hardware and software vulnerabilities.
During the Pegasus incident, an Israeli corporation, NSO Group, rose to international prominence. Pegasus is a piece of spyware created by NSO to spy on iPhone users. Governments bought the malware and used it to spy on activists, journalists, and even diplomats. Human rights campaigners in countries such as Morocco and Bahrain, to name a few, have been victims of Pegasus, according to Citizen Lab and Amnesty International.
Experts from Project Zero recently published a blog outlining how zero-click assaults work down to the source code. According to the security experts, the code and its technique are among the most advanced they have ever seen. Project Zero looked into iPhone attacks, but they’re concerned that any device may be targeted. They claim that the spyware produced by NSO outperforms all nation-state defense capabilities, including those with the most advanced cybersecurity systems.
Compress-And-Decompress Files Have Been Elegantly Wasted
Zero-click attacks are altering the game’s regulations. Previous one-click solutions needed users to act, such as clicking on a link. However, no action is required for the code to break through backdoors makes zero-click attacks risky.
NSO is selling comparable zero-click capabilities for Android smartphones, according to Project Zero. They haven’t been able to obtain those codes, so they don’t fully understand how they function. As a result, Project Zero has asked anyone with zero-click Android attack samples to contact them. Citizen Lab’s FORCEDENTRY sample was analyzed by Project Zero and Apple’s Security Engineering and Architecture SEAR division. The team published their findings in great detail on the internet.
Pegasus on iPhones is accessed through iMessage, according to Project Zero. Endless looped GIFs are utilized in a “fake gif” trick, which exposes hundreds of thousands of lines of code remotely using arcane and difficult techniques. To hide the code, similar files that require compress-and-decompress are employed. Project Zero mentions PDF, JBIG2 streams, and other types of files. Project Zero at Google will continue to publish its cybersecurity findings on the internet. They appear to be after shedding light on the darkness these attacks rely on to survive.
Source: Project Zero