What are zero-click assaults, according to Project Pegasus?

The claims of phone hacking have reignited criticism of the Modi government’s surveillance policies | Science & Technology News

The Guardian quoted Claudio Guarnieri, who runs Amnesty International’s Berlin-based Security Lab, as saying that once a phone was infiltrated, Pegasus had “more control” over it than the owner. This is because in an iPhone, for instance, the spyware gains “root-level privileges”. After this it can view everything from contact lists to messages and internet browsing history and send the same to the attacker.

One of the worrying aspects of the Pegasus spyware is how it has evolved from its earlier spear-phishing methods using text links or messages to ‘zero-click’ attacks which do not require any action from the phone’s user. This had made what was without a doubt the most powerful spyware out there, more potent and almost impossible to detect or stop.

How do zero-click attacks work?
A zero-click attack helps spyware like Pegasus gain control over a device without human interaction or human error. So all awareness about how to avoid a phishing attack or which links not to click are pointless if the target is the system itself. Most of these attacks exploit software which receive data even before it can determine whether what is coming in is trustworthy or not, like an email client.

Earlier this year, cybersecurity firm ZecOps claimed iPhones and iPads have had a traditional vulnerability to unassisted attacks, especially with its mail app. From iOS 13, this became a vulnerability to zero-click attacks too. “The vulnerability allows remote code execution capabilities and enables an attacker to remotely infect a device by sending emails that consume a significant amount of memory,” a ZecOps blog published this April said. Apple reportedly patched this in April 2020.

Don’t miss |The making of Pegasus, from startup to spy-tech leader

In November 2019, Google Project Zero security researcher Ian Beer showed how attackers take complete control of an iPhone in radio proximity without any user interaction. He claimed his exploit targeted the Apple Wireless Device Link (AWDL), the peer-to-peer wireless connectivity protocol that iOS devices use to talk to each other. Apple patched this when it released iOS 13.3.1, but accepted that it was powerful enough to “shut off or reboot systems or to corrupt kernel memory”.

On Android phones running version 4.4.4 and beyond, the vulnerability was via the graphics library. Attackers have also exploited vulnerabilities in Whatsapp, where a phone could be infected even if an incoming malicious call was not picked up, and in Wi-Fi, chipsets users to stream games and movies.

However, Amnesty claims even patched devices with the latest software have been breached.

The News Highlights

  • What are zero-click assaults, according to Project Pegasus?
  • Check the latest update on Security news
  • .

Disclaimer: If you need to edit or update this news from compsmag then kindly contact us Learn more

For Latest News Follow us on Google News


Latest Headlines
  • Show all
  • Trending News
  • Popular By week
Last Light, a horror adventure game, has been announced for the Nintendo Switch and PC
Last Light, a horror adventure game, has been announced for the Nintendo Switch and PC
The hospital is enclosed in darkness. All you have to light your way, is a flashlight, and the dim glow of candles… If a demon finds you, don’t hesitate to ...
Cohen Veterans Bioscience presents Voices of Veterans webinar to mark 'Mental Health Action Day' on May 20, 2021 |  national news
Looks like there’s good news for the Bears ahead of COVID-19
5 Bears who impressed during first week of training camp With head coach Matt Nagy scheduled to meet the media Thursday morning, we should get an update ...
Delta variant forces New York auto show cancellation
Delta variant forces New York auto show cancellation
“Over the past few weeks, especially within the past few days, circumstances have changed, making it more difficult to create an event at the high standard ...
Nintendo’s profits are decreasing as the number of Switches sold decreases
Nintendo’s profits are decreasing as the number of Switches sold decreases
Investors are closely watching game companies for signs of a tail-off of the sales boom during the COVID-19 pandemic. Nintendo relies heavily on its cyclical ...
Skydrift Infinity (PC) Review: An Exciting Plane Racing Game
Skydrift Infinity (PC) Review: An Exciting Plane Racing Game
I did not have the pleasure to play the original Skydrift game launched ten years ago, but the enhanced version launched last week promises a handful of ...
COVID-19: Fit, healthy man, 42, killed by coronavirus, laments refusal of vaccine – while sister issues misinformation alert |  UK News
COVID-19: Fit, healthy man, 42, killed by coronavirus, laments refusal of vaccine – while sister issues misinformation alert | UK News
“He felt that he would be ok and I think he didn’t know anyone who had COVID. She said: “, he felt that he was young, fit, healthy, very active and really ...
What Is Kali’s Secret Identity? How to Set It Up on Linux
What Is Kali’s Secret Identity? How to Set It Up on Linux
Offensive Security, the company that maintains Kali Linux, has developed a quick solution for this. Kali’s undercover mode can change the appearance of your ...
Carolina  News Equipment Honored by Sharp Electronics for IT Achievements |  The business
Carolina News Equipment Honored by Sharp Electronics for IT Achievements | The business
CBE was founded n Columbia and has been providing business solutions to entities statewide since 1975. Services include print solutions, managed print ...
Tomorrow’s ‘longest basketball game’ world record attempt, highlights mental health awareness
Tomorrow’s ‘longest basketball game’ world record attempt, highlights mental health awareness
Anyone is welcome to come cheer them on and there are some incentives to donate! “We’re going to be selling shirts, we have a Magic Johnson signed basketball, ...
The Rhythm Mobile Game Touhou Danmaku Kagura Has Finally Arrived
The Rhythm Mobile Game Touhou Danmaku Kagura Has Finally Arrived
TOUHOU DANMAKU KAGURA – DOWNLOAD, WHY IOS PLAYERS ARE UNHAPPY? Touhou Danmaku Kagura is an original rhythm game using Touhou music and characters, however, ...
Show next
Compsmag - Latest News from tech, business and health
Logo