Russia is targeting journalists with Pegasus spyware

DragonSlayer101

What just happened? Apple has reportedly warned multiple Russian journalists that they have been the targets of state-sponsored cyberattacks, most likely by Russia. The U.S. tech giant is believed to have discovered the attacks earlier this year when it detected the notorious Pegasus spyware surreptitiously installed on the iPhone of Russian journalist Galina Timchenko and immediately alerted her to its findings.

According to The New York Times, Timchenko may be the first known instance of the Russian state machinery targeting a journalist with Pegasus, but she is not the only one to have fallen prey to the Kremlin's clandestine surveillance operations. Many other independent Russian journalists have since received such alerts from Apple, warning them that they might have been targeted by 'state-sponsored attackers.'

An investigation by watchdog Access Now in collaboration with Citizen Lab at the University of Toronto's Munk School of Global Affairs and Public Policy found that Timchenko's phone was infected last January after the Putin administration declared her to be an 'undesirable (element).' Other independent Russian journalists have also reported receiving warnings from Apple about possible Pegasus infections on their phones, including Yevgeny Erlich of the independent Russian media outlet Current Time, and Maria Epifanova and Evgeniy Pavlov of Novaya Gazeta Europe.

Developed and distributed by the Israeli tech firm NSO Group, Pegasus has been known to be used by governments across the world to spy on dissidents, human rights activists, and journalists. Some of the countries that have used the software against their citizens include the UAE, Saudi Arabia, and Mexico, among others.

U.S. State Department officials have also reportedly been the targets of Pegasus in recent years. In 2021, many U.S. government employees in Uganda are said to have been targeted with the spyware, while Amnesty International also claimed that the software was used by rogue regimes to target activists and journalists around the world.

Described as 'zero-click' spyware, Pegasus can be remotely installed on the smartphones of targeted individuals to access their private and personal content, including photos, videos, contacts, messages, and more. The tool was once also used by an FBI contractor, but the agency canceled its contract with that company after facing intense pressure from civil liberties groups in the U.S. over privacy concerns. The U.S. has since blacklisted the NSO Group for allowing rogue governments to 'maliciously target' the phones of civilians.


 
So question then. I doubt that this journalist left her phone lying around unlocked for someone to install something on it. Are governments pushing this via cell companies then? Seems to me the only way stuff would mysteriously get installed without a user's knowledge.
 

Did you read the article? The answer is in the last paragraph.

You don't need physical access to install Pegasus spyware on an unpatched iPhone, though Apple released patches a week ago to close a couple routes of install. But you can bet there are others yet to be discovered.
 

Yes, yes I did read the article. The answer in the last paragraph does not say the precise delivery method except that it can be done remotely. Does that mean wifi? Cell carrier? What? Hence my question. And for something to gain admin level credentials to a device, it seems the Cell carrier would be the attack method unless there was a major exploit that was open via wifi, bluetooth or NFC. I was inquiring how these exploits were being delivered. So my question is not without validity.
 

Yes, the article here should have been more specific. Short article from BleepingComputer:


A malicious actor can gain access by sending a specifically crafted picture to a user's iMessage, causing a buffer overflow (as usual...) allowing code execution. The user doesn't even need to touch their phone, as message apps automatically accept messages. Supposedly some of Pegasus' intrusions used this method, but while this is now closed, it's very likely there are others.
 
Got a link about the US Gov cyber-attacking journalists?

Sure.

Here's a long article.
https://www.brennancenter.org/our-work/research-reports/social-media-surveillance-us-government

Journalists that refuse to go along naturally become targets for nullification or removal.

The US government has ALWAYS spied on its citizens and taken action when necessary. That goes back to George Washington's spymaster, John Jay, AKA Jonathan Jacob.
https://www.intelligence.gov/evolut...ary-war/birth-of-american-counterintelligence

You might also read about Queen Elizabeth's extensive spy network,
https://www.history.com/news/queen-elizabeth-spy-network-england

The problem is that Obama and Biden have been using these powers to target their political enemies. But what comes around goes around. If Trump gets into office, he'll return the favor. It's a slippery slope.

 
The USA is careful not to overtly spy on its own without warrants etc. - that's why us Kiwis, Aussies etc. do it for them - Five Eyes.

It's one of those philosophical discussions.
If a Jewish person has a goy partner and they pre-ask them to do this or that on the Sabbath - are they working on the Sabbath? - i.e. asking other Five Eyes partners to sift all texts, emails, phone calls - is that really not spying on your own people - end of day, legality trumps morality.
 