California: There were some reports this year that social activists, journalists, and politicians were being spied through spyware named Pegasus. This spyware was prepared by the Israeli company NSO Group. Pegasus used to hack smartphones including the iPhone. After these reports came to the fore, the US has banned companies from working with the NSO group. Apart from this, Google has also sued NSO. Now the US company Google has explained in detail how Pegasus used to attack the iPhone.
Through a blog post, Google has explained that NSO works on zero-click exploration technology. In a zero-click attack, the hacker does not send any phishing messages or suspicious links, rather it works peacefully in the background. Google’s Project Zero team, which analyzes cyber security threats, said, “Protecting zero-click exploits is nothing less than not using the device. It is a weapon against which there is no protection.’ Google said about the iPhone that here Pegasus starts with the message. If the attacker has an Apple ID username or phone number, they can target the user.
Fake gif prop
A user who is a victim of hacking can get a GIF file, but in reality, it is not a GIF file. Then even if .gif is written at the end of it. Hackers can target users by using fake GIFs. According to Google, Apple has completely removed the GIF code path in iOS 15, which could have led to such attacks.
Use of compression
There are no longer issues with bandwidth or storage as before. The compression used in the 90s continues to be used today. Google says that the JBIG2 image codec was used to compress images in the 90s, where pixels could only be black or white. A few years back, there were many PDF files that were likely to contain the JBIG2 stream in PDF. Many such old algorithms continue to be used today, which are used for attacks such as Pegasus.
