According to their findings, the capabilities of the software produced by the Israeli company NSO Groupalmost endless because it just doesn’t allow access to mobile phones spy conversations or access information collected here, but also put data inside spy terminal.
“The software makes it possible to manipulate the entire phone. You have access to all the rights to be able to put the data on the terminal,” he explained. Constance Kurz He is one of the three cybersecurity experts from the netzpolitik.org portal and who took part in the first meeting of the commission of inquiry. “Pegasus is the administrator of your phone, so it can do whatever it wants. If it can read and read files, it can also read authentication cookies that allow you to open your email account. Pegasus can replace you online and have the ability to embed files into devices. There’s no way of knowing if this possibility is actually being used” because “there is no independent control over how it behaves” but “we cannot rule out that there is a version of Pegasus that can embed files,” he added. man haertlePublisher of the Polish cybersecurity portal Zaufana Trzecia.
What they are clear about is that the Israeli company needs to know who the victims are because the manufacturer continues to provide support services to customers who have obtained the licenses, and it is impossible to use the system without the company providing that service. “They say they don’t know who you are. victims and they watch their customers to see if they are abusing the system” but that is a contradictory statement and you have to assume the worst. They know who the victims are and technically it is possible”, says the same expert.
iPhone, easy hunting
Haertle also warns iPhones they are “easy prey” and are more easily spied on than Androids due to the greater fragmentation present in models using this operating system. “For Android, it would have to build more versions for a single terminal and it would be harder to hit,” they predict. It is also more difficult to look for evidence of possible espionage. Android.
With regard to attributing espionage to such governments, the experts questioned are aware of the difficulty of attributing the attack as intermediary operators are used and the location from which the data is sent is concealed. But they assure that there are techniques to pin certain attacks and that software is very difficult to trace. “If several attacks are grouped together, you can conclude what the targets are and get an idea of who the operator is,” he says. Bill MarczakFrom CitizenLab, ‘Catalan Gate‘.
As explained in detail, he admits that although licenses allow spying in a particular country, “if a customer is paying enough, it’s normal for the NSO to allow spying with minor limitations.” For example, customers cannot spy on Israel or the United States. While they don’t provide numbers, experts agree that licenses to access spying programs cost “millions” or “tens of millions” depending on the espionage function. Countries like Israel, the United States, Germany, Russia, France, or companies like China’s NSO Group have to apply. they have their own instruments.