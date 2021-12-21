Google’s Project Zero, the team that has sought to improve internet security since its inception in 2014, has discovered a very powerful exploit. Researchers say it’s “one of the most technically sophisticated exploits we’ve ever seen, and that is at the level of attacks by the spies of the most advanced nation-states“.

ForcedEntry for iOS has been Developed by Israeli hacker group NSO Group. It should be remembered here that ‘NSO Group’ is an Israeli company responsible for the development of Pegasus (spyware with which Jeff Bezos was allegedly hacked), as well as code capable of installing spyware in applications such as WhatsApp.

How this exploit works

The exploit, known as ForcedEntry, takes advantage of the way iMessage interprets files like GIFs and it manages to open a PDF without requiring any user intervention. It uses an old compression tool from the 90s that was used to process text for character recognition in image scanners.

Once the malware is on the device, it can create a kind of virtual machine in which to run javascript-like code without connecting to external servers. You can then send the cyber attacker access to the iPhone’s passwords and microphone. What makes this exploit especially advanced is that while the original exploit of NSO needed the user to click on a link, this latest version doesn’t even need that.

The spyware from the NSO group, Pegasus, has been in the news since 2016. From affecting Jeff Bezos’s iPhone to being used in our country with Catalan politicians. In September of this year, from the security firm Citizen Lab reported a new critical vulnerability affecting iMessage called ‘Forcedentry’. Apple released a security update at the time that corrected that vulnerability.

