Mobile Espionage in the Wild: Pegasus and Nation-State Level Attacks
HTML-код
- Опубликовано: 21 сен 2024
- This briefing will take an in-depth look at the technical capabilities of mobile attacks that are being leveraged against real targets for the purpose of espionage. We will focus on Pegasus, a lawful intercept product, and the features and exploit chain it used. We will describe how we discovered and tracked the developer’s infrastructure prior to the attack, and how we later caught a sample of the elusive malcode being used against a prominent human rights defender.
by Andrew Blaich, Max Bazaliy, Seth Hardy
Full Abstract: www.blackhat.c...
Remember kids. Hacking is illegal, unless it's for government interest.
money printing is illegal unless ..
@@georgesamaras2922 lmao
So is murder I guess
its only illegal if they have a bigger army than you. Once you have more nukes and soldiers they are no longer a recognized as a government.
Lol
Insanity that this story (Pegasus in general) has been circulating for 4 years and only now is it getting the spotlight. Thanks for recommending this RUclips, hope it's got millions when I check back.
Because International amnesty finished its investigation and they have published the numbers of hacking that have taken place
@@kalapitrivedi6966 there's that but there were almost equally earth shattering revelations about this software prior to the Amnesty report. It's not the list that scares me, it's the capabilities and proliferation, which I think was known. It was known this was used against dissidents 4 years ago. Should have been headline news yet its still struggling to gain primacy in the cycle.
@@johnnymatias3027 you are right.. Privacy is a myth..
@@kalapitrivedi6966 that list is absolutely bullshit and idk why amnesty released it at all, or that they let the story get to this point. They fucked it up so bad people will probably just forget about this entire story.
5 years to be precise !
So relevant today.
Very relevant today.
ruclips.net/video/fR_oNsx4rAE/видео.html
Sahi pakde ho. Mota bhai wants to know your location
@@pranshuchittora5444 Nepal
Even now 2 years later many people are talking again about them
This is a certified "i warned you" classic
It is sad this wasn't available on youtube in 2016.
Public press when they learn about the Pegasus this year: "I'm SHOCKED! "
Researches who know about it for years: "Yeah big surprise".
Yeh! this is creepy
Importance is being realised now
Thank you so much for posting this. it's really nice to see these details!
Having a business selling zero-days is IMMORAL! There is no justification! If it were bank vaults instead of computer software people would call your business a criminal enterprise.
The terrorism excuse will always work. Look at the Partriot Act, Americans willingly gave up privacy in order to "flight global terrorism". "If you're not doing anything wrong, why should you care if the government is monitoring you?" - people like my parents. People are unwilling to believe that their governments are capable of ruining people's lives that don't deserve it. Neither are they willing to believe that reporters and other people fighting for change, human rights, and transparency will be targeted.
Thinking long term we are looking at serious criminal activity by nation states. Combined with the lockdowns pushing people to use phones more + all the uh.... side effects, "bluetooth challenge" etc, pretty clear something diabolical is going on.
Well protecting big corps is also immoral. In fact any time a dollar gets exchanged everything is immoral. No one should sell out like this tho. Its lame.
@@AnonYmous-spyonmepls comparing capitalism, even the shitty state capitalism we have, to a company that sell's 0days to the highest bidder is dumb.
The worst part is that: there is nowhere to run. If it is not a private company is your local gov. trying to spy on you. Truly, the most important skill set of this century is hacking in general.
Yeah. There's no putting this back
I love how all of these has never put a terrorist away
That's because the software is produced by IsisRaEl and only RESOLD to terrorists. (i.e. Other Socialists, Communists, Fascists, and psychopathic monarchical totalitarians. ;-)
only created angry aware dissodants :)
@@davidkuitunen5286 Yes, and the (common ground, now ever enlarging % of) "citizen activists" (as well as those silently waiting, for the STHTF) communities are now very FED UP... particularly after the last two year 'psyop' saga, worldwide... but moreover, so are half +/- of the world's police, militaries, mercs, Freemasons, knights, etc., I would imagine??? (And once the "V" (for Vindication) 'dominoes' begin to FALL... LOL... I wouldn't want to be a .01- .000001%er! They can SPY all they want... noone with half a brain is online "talking and typing about, their plans." FOOLS!! ;-)))
@@williamtiffee3799 I'm a mercenary butt pirate with freemason grandparents. I'm offended.
@@davidkuitunen5286 Aren't we all. (My mother's grandfather was a bishop, 33 mason and Templar. The PAIN...) Keep your "power dry" for the IH$ army opps, and 'vent' by messing with the PC narc and psycho minion desk jockeys (the flies) hiding behind their computers in "gov intel" outsourced cubicles, worldwide. (Then go to the gym, range, or bang their gf while they're doing Lucifer's work... to blow- off some steam.) The SJWs will self- destruct, soon enough... when the FEMA/= encampment brigades, come a' knockin' ;-)
This aged well
Sho did
Had to turn on CC to understand this guy, which covered the exhibits. Nice.
Finally something worth watching
FYI, a military surplus ammo box works as a blocking box for cell phones, don't waste money on a faraday box.
The fact that youtube recommended this after the Pegasus scandal hit shows how much youtube cares
video date is Jan 2020, 1.5 years
So how would u clean ur phone or know if its been compromised
@@Will111ism clean your phone? If you are not an individual who is working for foreign government, terrorists, dealing in Arms trade, smuggling etc.. you are not the target, and if you are, you can buy a new phone.
@@SumanRoy.official good advice
As for buying new phone. Well because of this Government I have now no job no nothing due to this WORLD #GRAB 🙏🏴🌐 Peaceup #Cayce
@@SumanRoy.official you are a target if you disagree with the government in almost all countries
But I read somewhere that even a missed call is enough to get the spyware into your phone. Is it correct?
Correct. They do not even need you to click links anymore. Devices can now be breached just by them calling you.
Yeah
@Syme Doubleplusgood The mention I saw was to Whatsapp calls - and it does look like it is in fact possible. This is no sensationalism at all
Btw, the video here is from black hat europe 2016. That's a long time ago..
@Syme Doubleplusgood this was iOS, not Android
Only the recent reporting said nothing about iOS. They made it look as if ALL phones (Androids too) are affected.
The NSO will be there through one or more mobile phones of the visitors. Big brother is watching you, all resistance is futile!
i Admit i dont know anything about what these dudes are talking about but since I heard about this on the newsfeed, it became really interesting.
I assume that Signal is not in the targeted list because it was not as relevant in 2016?
I would assume that more recent versions intercept Signal, too.
The whole world knows what happened and who did it. The questions is, what're you gonna do to prevent it? If you can't do anything in this regard, it's useless 😒.
no they dont know what happened and what this is about. they think that you can always be surveilled 24/7 by governnment so pegasus is not a problem at all. this stupidiy and resignation is the problem.
Three might be some solution like , need to be use separate processor for network stack including browser, so that direct attack can be avoided .
LoL
Said processor would need to talk to main processor regardless, just to mention one out of countless weaknesses in said implementation.
@@martint5340 separate processor means that must run separate OS with Tcp/ip stack and data must be pass by data bus at least on application layer. We know network layer and transport layer are sensitive to zero click vulnerabilities .
have you ever heard of sandboxing
and also sandbox escape vul
dude you got a lot of HW
@@capravasranjan2121 what you are askign for is not practical in no shape or form
Is there a Adguard or Pihole blocklist for the domain's of pegasus so Day2Day users can have a extra (Little) layer of protection against them?
Pegasus in news again
👏
I like the part where he says on how it returns I've been seeing a lot of things on my phone saying returning
IF Only sold to govt are they charged once or every time they spy on individual ? How can it be blocked or not allowed ?
Video is from 1 year before...now only the comments section is active ......
It's actually 5 years old news,
Somebody here is not the best mather 😂
I found Pegasus on my cellular device that was distributed to me by a company called SafeLink wireless who do I need to contact to find out who installed Pegasus on my operating system or device
this is from 2016? they use voicemail now for remote jailbreaks.
It’s like a commercial for government surveillance
this is so relevant
We need something like Pegasus for all people regardless of status and for free.
It'll be a shitfest for sure. "Anyone can spy" that's the slogan.
yeah waitimg for a chinese clone on aliexpress looooool
1:55 dont they have a zero click exploit that was in the news recently.
Pegasus is known as "zero click" spyware tools, Pegasus will not send "link" to make somebody click the link, now Pegasus is more advance, Pegasus need no link to intercept mobile target.
Pourquoi l'information ne sort qu'aujourd'hui dans les médias mainstream ? Cette vidéo a été mise en ligne il y a déjà 1 an...
Relevant, this is.
1:52 - Stares at my phone
1:55 - Intensifies
Thank you....clear and very informative....you have my five....
Welcome to Hungary 2021 (2018 really ) :D
same in india .
Hülye vagy...
Can somebody explain this code again with an English accent? Would love to see a video on this. Even if the code is old
for real what the fuck did that guy say lool
Most people don’t give a shit bout this because they have lives, however advertising is the biggest culprit of all
From God to Kane to Seth :D
I'm not mad that this exists, I'm mad that they used it against innocent people.
"Innocent" is subjective, is the problem here. These totalitarian governments don't think people calling for freedom are "innocent". So really what you mean is "it's okay for my team to use it."
But if it exists, others will also find ways to use it, so I'd prefer if this didn't work to begin with. That's why you don't want government backdoors in your software.
@@voxelfusion9894 you have a point.
Ayo are you romanian? Your name kind of sounds like one lol
@@nadwa0001 yeap.
Q: are any of the security researchers associated with universities or it all NGOs and what not?
If audience is any indicator, BH USA is a hell of a lot more fun than BH EU.
Great information but unfortunately the second speaker's English is very unclear. Do you have any English subs for the very unclear English tongue? Here's a good tip for you, when speaking to a primarily English-speaking audience it's a good idea to speak clear English that can be understood otherwise there's no point.
I wish I could follow the 2nd speaker but it's impossible to understand a thing with that dialect, nervosity and speed
Literally got hit with this. Not really sure why I was chosen.
how do you know?
@@wumbl3 because I found multiple indicators of compromise. I found Pegasus api in my system files. Hiding as a legitimate system call on 2 of my iPhones
@@tonyzone8999 I see. Mustn't of been the newest one that can self destruct.
Pegasus has 2 huge warehouses in Sacramento that has thousands of employees who are refurbishing apple phone for resale. My daughter worked there for a short time as well as her friend. They do millions of phones changing out many parts 🤔 this makes me think if there could be a connection to this Pegasus your talking about 😳
Pegasus is the name of the Software not the company. Also I dont think that they would do something like this.
The more devices this is installed on, the faster people will discover this. Its best to only install it on important targets, not millions of random devices.
@@unclejoe8310 I was going to say 😳 that would be crazy. It would be like mass surveillance and invasion of all citizens. The only way they would be able to keep up is if they flagged key words that notified them to keep a closer eye on that target most likely or maybe key words activate the virus. That would be something wouldn't it 😟
@@calicornnor6892 Communist Party in China is already mass spying on mobile phones. The even install cameras in each street to track people on every step. The pictures are continuously analysed by AI. They tell their AI is able to distinguish all citicens by their face.
@@vikypond3183 yes I know but the street camera's are from our own government who adopted the idea from China.
@@calicornnor6892 Besides the ccp never buys products from western countries. I know alot about living in a dictatorship. I lived in communist eastern Europa before the cold war ended, once it was possible I emigrated to west Europe. Also I know many Asian people, including Chinese people which where arrested and vanished (killed most propably), because they demonstrated in Hongkong (peaceful and legally, before covid).
Western democracies (US, Europe) are like pure freedom. We have to watch out for people trying to change this, but currently even more we have to watch out for foreign influences trying to destabelize democracies.
I have seen to much posts telling lies about USA.
I recomend this channel, it's authentic.
ruclips.net/video/8xhZ9nuJRHE/видео.html
You can do alot of improvement just by buying from democracies only / avoid to buy from dictatorship countries.
Note that this also helping the people in the dictatorships, because their workforce is not occupied producing export products, while they would otherwise produce basic things for themself or even get rid of the dictator; while money from exports mostly ends up in the hands of the dictatorship forcing workers to work cheap.
I'm suffering terrorism issues in Sudbury Ontario they are using SSL or tsl packets and illegal communications.
I'm suffering terrorism issues in Sudbury Ontario they are using SSL or tsl packets and illegal communications or even Pegasus.
and 🇮🇳 used it on journalists, opposition
where can i watch this to be explained like a stupid that i am ???
iOS can be easily compromised ! need to install system and patch files every day
Oh shit I just did a bit of digging and it turns out that my country Mexico is a top customer of these big 3 companies, HackingTeam, NSO Group and Finfisher, according to leaked information. Well hopefully I'm not high profile enough to be spied on.
So what can you do to wipe it off your phone !
Update iOS, they patched it
Get a new phone.
It's a dark world today starlets go naked saying someone filmed us
secretly for popularity of Dare we bare. The Pegasus SW wants to sell
showing its notoriety in peeping into the privacy of others. Till now
big customers were buying now buy more so that you can peep everywhere.
The Pegasus home country is a bastard of sorts.Finally Pegasus sells
Yeaaa next year IPO.
Going forward A husband spy on Wife and Vice versa, A company spy on its
Employees Vice versa, .... List goes on a suspicious world of
deception. Pegasus comes with a leaner version to sell to everyone
i have a demo but not working with url
CEMAL KAŞIKÇI'nın ölüm sebebi.
en.wikipedia.org/wiki/Jamal_Khashoggi here, another case, the washington post journalist brutally murdered.Pegasus was there too...
this is a much more recent one.
means the starting point is that link came from message ? if yes then can you identify the service installed at os so that we could identify and remove those from our phone os ?
I don't think so as Pegasus idk about other spywares, generally installs itself onto the software kernel which is the heart of the phone and it's software so whatever it is a service or an app that makes it works cannot be removed by normal people like you and me as it's hidden in the system core and cannot be detected let alone removed easily.
The only thing you could do after it affected your phone is change the phone without restoring any data back from the hacked phone including signing in to your google accounts and any previous stuff that was on your phone including the sim card. And that too probably might not work for long, as soon as the govt gets to know about your new sim card and your new phone number, it'll again try to send a Pegasus attack your way
@@hackbaba999 ok, so that means our phone's os is comprised not machine, cant we just reinstall the full os by wiping out the previous one ?
@@parmsoftech you could do that, i mean if it's a Pegasus exploit then u might even need to change your phone's kernel and rom with a custom one if it's Android. But i don't think that u can change kernels on Ios coz nobody makes custom kernels for iphones. You can find custom roms and kernels for Android easily but it's definitely harder to do anything on IOS
@@hackbaba999 you mean even rom programs are effected ? isn't that read only memory ? how can someone i mean pegasus alter the rom ?
Has this been patched?
Is it able to infect Windows too?
this specific exploit was patched since 2016 but there is always some other way to do it
@@anayman7you can remove a patch
Wtf with the 2nd guy keep choking on his own saliva?
😮
How it can be useid
How can I get that app ??
yup, big tech has gone too far! and to think that the companies and groups that are creating this nasty stuff are only a fraction compared to places like google and apple
It's rising
Just hope they didn't sold it to Myanmar junta. That d literally throw away the ongoing democratic revolution (where revolutionaries have to stay at silence in mountains and jungle alike),
Why is no privacy ??
Can Pegasus hack Kindle Fire?
Will your davice get infected when you click on the link but Javascript is disabled?
No
That's the old way to doit now they just need you phone number. Ko rogan gust said yesterday
"Smart" phone.
+10
Hacking is a two way street.
That's what I was thinking, would it be possible to have a counter spyware that gets sent to them with the data packets? Not that I know anything about programming
if u want to check ur infected or not, check ur sys files via file explore look for unusual files in root folder.
How will i know that it's malware?
Pegasus is not that stupid software,
There r millions of legitimate files u won't be able to identify any unusual files
@@sidrahishtiyaq5412 there are default files/folder in shown video check if these default folder files have modified
is that app exists for public.. Pegasus File OICs (Pegasus Checker) ???
@@HERKELMERKEL NO,
Is no one gonna talk about how similar he looks to *Snowden* I very much clicked this video thinking it's him.
Nice profile pictures
they all look like snowdens.
Looooool awkward
Pro tip, if your English is "mildly average" or even "hard to understand" speak SLOWLY! my goodness ...
No watching me
Why is iOS not fixing this vulnerability??
they will fix it, it takes time depending on spyware i.e how complex it is & some apple official said that it takes millions of dollars to make something like Pegasus
he litterally said in the beginning of the video they fixed it in 10 days after this groupe discovered the used vulns -_-
@@aminebrahmi8034 The pegegus is updated this time .
Oftentimes the entities who use these attacks are spear phishing only and so it doesn't really get widely used. Which means Apple doesn't even know where to look to find the bugs.
@@MrArun9706 ofc it is updated , but to his question, it's not like apple or any other company not fixing the bugs intentianlly , it's fixed in very short times AFTER they or someone discovers the vulns and reports to them, in this case it was a record time of 10 days only
2:40 ... So every government then lol.
I thought the same thing. This is a pitch for their tech people.
The fact that apple fixed it in 10 days is commendable
The fact that it took Apple 4 years to fix this, even though it has been in the open that long, is ridiculous.
@@tom9380 understood, every idea has its own fault, no system is perfect
@@RudhinMenonbut if it would happen to android you would be bashing android😊
@@Teluric2 like I said, no system is perfect and I would like to believe as a developer that everyone is trying their best 🙌🏽
And how to check your device on these things installed? No one asked. No one!
NAILS THE FBI
Wow
One year later?
THEY ARE PUBLIC INFOS AND CAN BE USED FOR TRANSMISSION TO BETTER UNDERSTAND THE PHENOMENON OF FALSE NEWS OR BETTER TO UNDERSTAND EACHOTHER SO TO SAY!!!
DO IT!!!
he russian ?
Just little .
.
You guys do realize that the attention that happened recently is for the "megalodon/FORCEDENTRY" ZERO CLICK zero day exploit that NSO moved to using after "trident" (this one) was exposed right? The surveillance RAT Pegasus framework is the payload and access system they use after they compromise the device. What's important is how they gain access to kernal code execution after that they could make your wallpaper a dick pick or remote surveillance... The new exploit doesn't even require you to touch anything... You never see anything happen or notice ny changes... They send a .gif that's actually a pdf with a hidden (somehow) imessage you never get to instantly root your phone all they need is a phone number.
.
Hats off to Israel. NSO group should be rewarded.
Wat
@@mattmmilli8287 if hacker hacks ur website would u punish him or reward!
What the source code of pegasus
hahahahh xD i hope ur not serious xD
😂 common that is not something which is open sourced
At first I thought it was another piece of software using common vulnerabilities. But according to the experts, this is a very sophisticated piece of software that crafts it's way to super user all the way.
Whoever wrote it really knows deeply how data, encryption, OS and networking works. Probably, it was done by a team of experts.
Type sudo apt install pegasus into a Terminal screen.
My nephew has the code.
welp people disable java script on your devices and make white lists only on stuff you trust
The misuse is way way more ! Should be just banned from India !
You don't really understand anything what all this means do you?
It is not a app from Google Play that can be banned, its a spyware
Bru😭😭😭🤣😩
I'm suffering terrorism issues in Sudbury Ontario they are using SSL or tsl packets and illegal communications.
.