Why in news?
- A report by The Washington Post and Amnesty International claims that Pegasus spyware targeted journalists in India.
- This includes the founder editor of The Wire and the South Asia editor of the Organised Crime and Corruption Reporting Project (OCCRP).
- The intrusion was detected in October 2023 after Apple warned users, including MPs, of potential ‘state-sponsored attacks’ on their iPhones.
What’s in today’s article?
- Organised Crime and Corruption Reporting Project (OCCRP)
- Pegasus spyware
- Zero click exploit
- News Summary
Organised Crime and Corruption Reporting Project (OCCRP)
- About
- The Organized Crime and Corruption Reporting Project is a global network of investigative journalists with staff on six continents.
- Founded in 2006, it specializes in organized crime and corruption.
- It publishes its stories through local media and in English and Russian through its website.
- Recent works
- The entity was involved in the coverage of Pegasus spyware as well as the Panama Papers leak.
- The OCCRP conducted research and published a report on the Adani Group (AG).
Pegasus Spyware
- About
- Pegasus is a malware/spyware developed by Israel’s NSO Group.
- The spyware suite is designed to remotely access any smartphone through zero-click vulnerabilities.
- Once a phone is infiltrated, the spyware can access all the data on that phone.
- It also has real-time access to emails, texts, phone calls, as well as the camera and sound recording capabilities of the smartphone.
- Working
Zero-click exploit
- About
- A zero-click exploit refers to malicious software installed on a device without the device owner’s consent.
- More importantly, it does not require the device owner to perform any actions to initiate or complete the installation.
- Specific exploit used in the present case involving Indian journalists
- The specific exploit allegedly in use on the two devices is called BLASTPAST (previously identified as BLASTPASS).
- It plays out in two phases.
- In the first, the attack attempts to establish a link with the Apple HomeKit - which gives users a way to control multiple smart devices - on the target’s device.
- The purpose of the first phase could be to determine how the device can be exploited or to keep it in sight for further exploitation in the future.
- In the second, some malicious content is sent via the iMessage app to the target.
- This phase is the one that delivers the full spyware payload.
News Summary
- A new forensic investigation by Amnesty International and The Washington Post has shown the use of the Israeli Pegasus spyware to surveil high-profile Indian journalists.
What does the report say?
- Background
- The journalists had received an alert from Apple that they were being targeted by state-sponsored hacking.
- Following this, the journalists provided their phones to Amnesty International’s Security Lab for testing.
- Report
- At the end of their examination, they reported finding traces of Pegasus’s activity on their respective devices.
- Security Lab concluded that a message to facilitate a zero-click exploit had been sent to these phones over the iMessage app.