“Google Warns That NSO Hacking Is On Par With Elite Nation-State Spies”
WIRED, December 15, 2021
By Lily Hay Newman
“ForcedEntry is “one of the most technically sophisticated exploits” Project Zero security researchers have ever seen.”
The Israeli spyware developer NSO Group has shocked the global security community for years with aggressive and effective hacking tools that can target both Android and iOS devices. The company’s products have been so abused by its customers around the world that NSO Group now faces sanctions, high-profile lawsuits, and an uncertain future. But a new analysis of the spyware maker’s ForcedEntry iOS exploit—deployed in a number of targeted attacks against activists, dissidents, and journalists this year—comes with an even more fundamental warning: Private businesses can produce hacking tools that have the technical ingenuity and sophistication of the most elite government-backed development groups.
Google’s Project Zero bug-hunting group analyzed ForcedEntry using a sample provided by researchers at the University of Toronto’s Citizen Lab, which published extensively this year about targeted attacks utilizing the exploit. Researchers from Amnesty International also conducted important research about the hacking tool this year. The exploit mounts a zero-click, or interactionless, attack, meaning that victims don’t need to click a link or grant a permission for the hack to move forward. Project Zero found that ForcedEntry used a series of shrewd tactics to target Apple’s iMessage platform, bypass protections the company added in recent years to make such attacks more difficult, and adroitly take over devices to install NSO’s flagship spyware implant Pegasus.
Apple released a series of patches in September and October that mitigate the ForcedEntry attack and harden iMessage against future, similar attacks. But the Project Zero researchers write in their analysis that ForcedEntry is still “one of the most technically sophisticated exploits we’ve ever seen.” NSO Group has achieved a level of innovation and refinement, they say, that is generally assumed to be reserved for a small cadre of nation-state hackers.
About the Author:
Lily Hay Newman is a senior writer at WIRED focused on information security, digital privacy, and hacking. She previously worked as a technology reporter at Slate magazine and was the staff writer for Future Tense, a publication and project of Slate, the New America Foundation, and Arizona State University. Additionally her work has appeared in Gizmodo, Fast Company, IEEE Spectrum, and Popular Mechanics. She lives in New York City.
See also in Internet Salmagundi: