قالب وردپرس درنا توس
Home / Business / Khashoggi: How a hacked phone may have led killers to Saudi journalist

Khashoggi: How a hacked phone may have led killers to Saudi journalist

NSO denied any involvement in Khashoggi's death, insisting that its software is "only to combat terrorism and crime".

The company was condemned as "the worst of the worst" by NSA informant Edward Snowden during a videoconference with an Israeli audience last November.

"The NSO group in today's world, based on the evidence we have, is the worst of the worst sellers of these burglary tools that are currently actively used to violate the human rights of dissidents. opposition and activists, "said Snowden.

Great threat

I saw the power of Pegasus two years ago. Check Point's mobile security experts, one of the world's leading information security experts, showed me how they could hack a one-click phone, gaining full access to the microphone, camera, keyboard and data.

They say the malware used was similar to Pegasus: a seemingly innocent message appeared on my phone asking me to update my settings, and all they needed to access the phone.

The IT security expert Michael Shaulov launched a startup for computer security in 201

0, partly in response

"Even when [NSO Group sells] software specifically for the agency of the security forces 39. order that specifically bought it, in case those guys wanted to go after what we call illegitimate targets, NSO has no control [over it]"he says. "They can not really stop it."

NSO Group claims to be able to monitor all of its software for all of its customers, but would need to actively monitor how customers were using their products before realizing any abuse.

Corporate technology takes advantage of so-called "zero days": hidden vulnerabilities in operating systems and apps that allow hackers to access the internal mechanisms of the phone. The term stems from the fact that software developers have not had time to solve them.

Companies like NSO have teams of researchers who continually reverse-engineer the Apple and Android operating systems to find bugs in the code they can then exploit, says Shaulov, describing the process of finding zero days as "art" in the world black and white part of computer security.

The NSO Group's unique target on mobile devices has made them the "alpha dog" in the market, says Shaulov. [19659002] Finding a zero day may take from a few months to more than a year, and there is little guarantee of its long-term effectiveness. But if the weakness is not resolved, it can be repeatedly exploited to hack the phones. Software developers like Apple and Google have dedicated teams to find and fix vulnerabilities, but for them it's no easier than for hackers to find the weak link. Also, developers' priorities may be elsewhere, so even known bugs remain incorrect.

"Unless Apple or Google fix that bug, that vulnerability … can remain for many, many years and NSO can continually sell software that can go through those bugs in the software and infect those phones," says Shaulov.

Researchers at Toronto's Citizen Lab tracked down the use of NSO Group's Pegasus software in 45 countries where operators "could conduct surveillance operations", including at least 10 Pegasus operators who "seem to be actively engaged in cross-border surveillance ".

Khashoggi: "God help us"

The software, able to infect a phone after a single click on a link in a fake text message, then grants hackers full access to phone. Data stored on the phone, messages, phone calls and even GPS location data are visible, allowing hackers to see where someone is, who they are talking to and what.

In the case of Khashoggi, researchers at the Citizen Lab say the text message went to Abdulaziz, disguised as a shipping update on a package he had just ordered. The link, which Citizen Lab says dated back to a Pegasus-connected domain, brought Abdulaziz's phone to be infected with malware, allowing hackers to virtually access his entire phone, including daily conversations with Khashoggi.

  Jamal Khashoggi's private messages of WhatsApp could offer new clues to kill

In a text, before his death the On 2 October at the Saudi consulate in Istanbul, Khashoggi learned that his conversations with Abdulaziz may have been intercepted. "God help us", he wrote. CNN was granted access to correspondence between Khashoggi and the Montreal Abdulaziz activist.

Two months later Khashoggi entered the building for what he thought was a routine appointment to collect documents that would allow him to marry his Turkish girlfriend, Hatice Cengiz. A few minutes later, he was killed in what the Saudi general prosecutor later recognized as premeditated murder.

The Saudis presented changeable stories about Khashoggi's fate, initially denying any knowledge before claiming that a group of dishonest operators, many of whom belong to the restricted circle of the Saudi hereditary prince Mohammed bin Salman was responsible for the journalist's death.

Riyadh claimed that neither Bin Salman nor King Salman knew of the operation to hit Khashoggi. US officials, however, said that such a mission – including 15 men sent by Riyadh – could not have been carried out without the authorization of bin Salman.

NSO speaks

First interview by NSO Group since the company was involved in the Khashoggi case, CEO Shalev Hulio categorically denied any involvement in monitoring the Saudi journalist or his homicide. Defining his death as a "shocking murder", Hulio said that following the checks carried out by the NSO Group, the company would know immediately if their software had been used to track down a journalist.

"We have conducted a thorough check of all our customers not just a client who might be a potential suspect involved in the case, but also other customers who might be interested in following him for some reason," Hulio explained in the report. interview with Yedioth Ahronoth, one of the biggest Israeli newspapers. "We have controlled all our customers, both through conversations with them, and through unfailing technological control: the systems produce their documentation and it is not possible to act against this or that objective without us being able to control it".

"I say on the register that after all these checks no NSO product or technology has been used on Khashoggi, and this includes tapping, monitoring, locating or gathering information. ” data-src-mini=”//cdn.cnn.com/cnnnext/dam/assets/181025171830-jamal-khashoggi-small-169.jpg” data-src-xsmall=”//cdn.cnn.com/cnnnext/dam/assets/181025171830-jamal-khashoggi-medium-plus-169.jpg” data-src-small=”http://cdn.cnn.com/cnnnext/dam/assets/181025171830-jamal-khashoggi-large-169.jpg” data-src-medium=”//cdn.cnn.com/cnnnext/dam/assets/181025171830-jamal-khashoggi-exlarge-169.jpg” data-src-large=”//cdn.cnn.com/cnnnext/dam/assets/181025171830-jamal-khashoggi-super-169.jpg” data-src-full16x9=”//cdn.cnn.com/cnnnext/dam/assets/181025171830-jamal-khashoggi-full-169.jpg” data-src-mini1x1=”//cdn.cnn.com/cnnnext/dam/assets/181025171830-jamal-khashoggi-small-11.jpg” data-demand-load=”not-loaded” data-eq-pts=”mini: 0, xsmall: 221, small: 308, medium: 461, large: 781″ src=”data:image/gif;base64,R0lGODlhEAAJAJEAAAAAAP///////wAAACH5BAEAAAIALAAAAAAQAAkAAAIKlI+py+0Po5yUFQA7″/>

Shalev Hulio – whose name baptism is the "S" in the NSO – says NSO Group can disconnect a client's software if used inappropriately or against improper targets, such as journalists or human rights activists who are simply doing their job.

" In cases where the system is used improperly, assuming that we are aware of it, the Technological system that we have sold them will be immediately disconnected; this is something we can do both technologically and legally. "

Hulio said that NSO" permanently "shut down the three client systems due to misuse, although it did not specify which clients.

Pegasus had been sold to Saud al-Qahtani, a senior Saudi official accused by Saudi public prosecutors to have played an important role in the killing of Khashoggi, which has close ties to Crown Prince Mohammed bin Salman, Hulio said he had not, and insisted that NSO does not sell to "private items"

"All sales are authorized by the Israeli Ministry of Defense and are done only to states, their police forces and order forces," he said, and "only to combat terrorism and crime" ".

Point blank if the NSO group sold the system to Saudi Arabia, Hulio said," We do not comment on specific questions about specific customers. We can neither deny nor confirm. "

Worldwide, Hulio said that there are no more than 150" active targets "currently monitored with NSO technology. He said that the previous year was the best in the company's history and that the system had been sold to "dozens of countries around the world on all continents in addition to Antarctica."

Hulio has repeatedly represented his company as one that has helped the world's intelligence agencies to fighting terrorism, advertising the lives saved by technology

modesty that thousands of people in Europe owe their lives to hundreds of workers [we have] in Herzliya, "he said referring to the Israeli city where the company is located. "I reiterate that any use [of our technology] that goes beyond the criteria of saving lives at risk of crime or terror will prompt our company to take immediate, unequivocally and decisively action."

Potential attack surface

The results of Citizens Lab, which Hulio dismission issued as inaccurate, depict "a bleak picture of the human rights risk" of Pegasus, states the Citizen Lab, adding that "at least six countries with significant Pegasus operations they have previously been linked to the abusive use of spyware to target civil society, including Bahrain, Kazakhstan, Mexico, Morocco, Saudi Arabia and the United Arab Emirates. "

Apple, Google and other technology companies are constantly working to fix bugs and close zero days in their software.The new features introduced bring with them a new code, introducing the possibility of new vulnerabilities.The software developers dedicate millions of dollars to close these vulnerabilities before they are discovered, hackers devote time and energy to discover them before they are closed It's a 21st century digital arms race.

Adam Donenfeld, a mobile security researcher at Zimperium, states that the number of places to hack a phone, called potential attack surfaces, is almost limitless.

Donenfeld says it's hard to pin down how many there are, "but much more than people think: there are many … there are always new vulnerabilities introduced in the devices. "

Any interaction, however simple, between a device and a phone is a potential attack surface. Donenfeld uses the example of chat applications, but says that it's not just chat apps that provide potential hacker ways.

If a hacker sends a video to your phone, even before you open it, your phone has already received some video metadata. He also informed the hacker that the video was received. You do not need to click on the video or accept the message to create a potential attack surface.

"I can send you a package of malicious data that can cause memory corruption on your phone that can happen remotely only by you with [a chat app]," explains Donenfeld. "Receive messages even if the app is closed because it runs in the background, [so] exists the ability to run the code on your device without you being aware of it."

Malware value

[19659002] Although the number of potential attack surfaces can be almost unlimited, very few offer complete access to elite hackers. In addition, there are relatively few IT experts who understand how to take advantage of zero day vulnerabilities.

The lack of zero days, combined with the technical difficulty necessary to discover them, makes them incredibly valuable to the right buyer. [19659002] "If you have a complete working chain, it's definitely [worth] more than a million dollars," says Donenfeld. "There is always a question, there is always someone who will buy it".

The NSO Group has evidently capitalized on this demand, turning it into a multi-million dollar company with a powerful product.

But this product – Pegasus – also put NSO at the center of a series of lawsuits that assumed the use of malware, as in the case of Jamal Khashoggi, violated international law.

NSO told CNN in December The cause of Abdulaziz was "completely unfounded" and showed "no evidence that the technology of society was used".

"The case seems to be based on a collection of press cuttings that were generated for the sole purpose of creating news headlines," NSO said in a statement. "In addition, the products supplied by NSO are managed by the government customer to whom they are provided, without the involvement of NSO or its employees."

Source link