❌

Normal view

There are new articles available, click to refresh the page.
Today β€” 23 December 2024Main stream

WhatsApp scores historic victory against NSO Group in long-running spyware hacking case

23 December 2024 at 03:52

A US judge ruled that the Israeli spyware maker breached hacking laws by using WhatsApp to infect devices with Pegasus

Β© 2024 TechCrunch. All rights reserved. For personal use only.

Before yesterdayMain stream

Why Apple sends spyware victims to this nonprofit security lab

20 December 2024 at 06:13

Cybersecurity experts, who work with human rights defenders and journalists, agree that Apple is doing the right thing by sending notifications to victims of mercenary spyware β€” and at the same time refusing to forensically analyze the devices.

Β© 2024 TechCrunch. All rights reserved. For personal use only.

Serbian police used Cellebrite to unlock, then plant spyware on, a journalist’s phone

15 December 2024 at 22:05

Amnesty said it found NoviSpy, an Android spyware linked to Serbian intelligence, on the phones of several members of Serbian civil society following police stops.

Β© 2024 TechCrunch. All rights reserved. For personal use only.

Researchers uncover Chinese spyware used to target Android devices

11 December 2024 at 06:32

The spyware, called EagleMsgSpy, has been used by Chinese law enforcement, according to cybersecurity firm Lookout.

Β© 2024 TechCrunch. All rights reserved. For personal use only.

$1 phone scanner finds seven Pegasus spyware infections

In recent years, commercial spyware has been deployed by more actors against a wider range of victims, but the prevailing narrative has still been that the malware is used in targeted attacks against an extremely small number of people. At the same time, though, it has been difficult to check devices for infection, leading individuals to navigate an ad hoc array of academic institutions and NGOs that have been on the front lines of developing forensic techniques to detect mobile spyware. On Tuesday, the mobile device security firm iVerify is publishing findings from a spyware detection feature it launched in May. Of 2,500 device scans that the company's customers elected to submit for inspection, seven revealed infections by the notorious NSO Group malware known as Pegasus.

The company’s Mobile Threat Hunting feature uses a combination of malware signature-based detection, heuristics, and machine learning to look for anomalies in iOS and Android device activity or telltale signs of spyware infection. For paying iVerify customers, the tool regularly checks devices for potential compromise. But the company also offers a free version of the feature for anyone who downloads the iVerify Basics app for $1. These users can walk through steps to generate and send a special diagnostic utility file to iVerify and receive analysis within hours. Free users can use the tool once a month. iVerify's infrastructure is built to be privacy-preserving, but to run the Mobile Threat Hunting feature, users must enter an email address so the company has a way to contact them if a scan turns up spywareβ€”as it did in the seven recent Pegasus discoveries.

β€œThe really fascinating thing is that the people who were targeted were not just journalists and activists, but business leaders, people running commercial enterprises, people in government positions,” says Rocky Cole, chief operating officer of iVerify and a former US National Security Agency analyst. β€œIt looks a lot more like the targeting profile of your average piece of malware or your average APT group than it does the narrative that’s been out there that mercenary spyware is being abused to target activists. It is doing that, absolutely, but this cross section of society was surprising to find.”

Read full article

Comments

Β© Getty Images

Russian programmer says FSB agents planted spyware on his Android phone

5 December 2024 at 03:00

Security researchers confirmed the programmer's phone had spyware, likely during a spell in Russian detention. The programmer told his story to TechCrunch.

Β© 2024 TechCrunch. All rights reserved. For personal use only.

Business leaders among Pegasus spyware victims, says security firm

4 December 2024 at 06:00

The mobile security company said it detected Pegasus spyware attacks on seven iPhone owners, including government officials and a business leader.

Β© 2024 TechCrunch. All rights reserved. For personal use only.

Poland arrests former spy chief in Pegasus spyware probe

2 December 2024 at 10:40

The former head of Poland’s internal security agency Piotr Pogonowski was forced to appear in front of a parliamentary committee investigating the alleged abuse of Pegasus spyware in the country.

Β© 2024 TechCrunch. All rights reserved. For personal use only.

Apple says Mac users targeted in zero-day cyberattacks

19 November 2024 at 15:45

Apple said the security update for Macs, iPhones, and iPads is "recommended for all users."

Β© 2024 TechCrunch. All rights reserved. For personal use only.

❌
❌