Bloomberg Businessweek February 21, 2022 pp19-20 |TECHNOLOGY|”No-Click Hacks Target the Savvy” “It’s getting easier to sneak spyware onto phones without tricking victims into clicking links” “THE BOTTOMLINE Governments are fueling demand for sophisticated hacking services as they pursue dissidents who’ve become better a protectiing themselves.”
Read Bloomberg Businessweek for all the details
Summary by 2244
Image from iphonehacks.com
Thought you were safe from hacking because you don’t click on unknown messages or emails? Think again. Several companies around the world offer, so far at high cost-hundreds of thousand dollars and more, hacks that don’t require the intruder to trick you into an action allowing access to smartphones etc. “It can be hard to even know when a zero-click attack has occurred. In one case highlighted in the article, “administrators…noticed suspicious activity on their computer networks that eventually led them to [the index case’s phone].” In this case the iPhone XS Max had “been infected with a piece of spyware known as Pegasus at least six times.”
The only prevention so far is not using “devices at all.” One victim says “I never saw any message…the message arrives and disappears straightaway, or it arrives and you cannot see it. So there are no clicks, no action from you. It just infects.”
According to experts, governments are increasingly employing “zero-click attacks” and in doing so are fueling the availability of these hacks. Companies mentioned to be involved include NSO Group (Israel) with the product Pegasus, Artity (Latvia and Estonia) and Zerodium (Delaware, USA). The latter pays “for information about vulnerabilities [on Android and iPhones etc.] that would allow for zero-click attacks, then sell this information to customers who may use it to implant spyware.”