Israeli Security Firm Claims Spyware Tool Can Harvest iCloud Data in Targeted iPhone Attack

An Israeli security firm claims it has developed a smartphone surveillance tool that can harvest not only a user's local data but also all their device's communications with cloud-based services provided by the likes of Apple, Google, Amazon, and Microsoft.

nso israeli surveillance firm
According to a report from the Financial Times [paywalled], the latest Pegasus spyware sold by NSO Group is being marketed to potential clients as a way to target data uploaded to the cloud. The tool is said to work on many of the latest iPhones and Android smartphones, and can continue to harvest data even after the tool is removed from the original mobile device.

The new technique is said to copy the authentication keys of services such as Google Drive, Facebook Messenger and iCloud, among others, from an infected phone, allowing a separate server to then impersonate the phone, including its location.

This grants open-ended access to the cloud data of those apps without "prompting 2-step verification or warning email on target device", according to one sales document.

Attackers using the malware are said to be able to access a wealth of private information, including the full history of a target's location data and archived messages or photos, according to people who shared documents with the Financial Times and described a recent product demonstration.

When questioned by the newspaper, NSO denied promoting hacking or mass-surveillance tools for cloud services, but didn't specifically deny that it had developed the capability described in the documents.

In response to the report, Apple told FT that its operating system was "the safest and most secure computing platform in the world. While some expensive tools may exist to perform targeted attacks on a very small number of devices, we do not believe these are useful for widespread attacks against consumers." The company added that it regularly updates its operating system and security settings.

The news raises concerns that such spyware could be used by repressive regimes and other shady attackers to monitor members of the public. In May, for example, WhatsApp disclosed a vulnerability that allowed hackers to remotely exploit a bug in the app's audio call system to access sensitive information on an iPhone or Android device.

Security researchers said that the spyware that took advantage of the WhatsApp flaw featured characteristics of the Pegasus spyware from NSO Group, which maintains that its software, costing millions of dollars, is only sold to responsible governments to help prevent terrorist attacks and criminal investigations.

However, the WhatsApp flaw was used to target a London lawyer who has been involved in lawsuits against the NSO Group, and security researchers believe others could have been targeted as well.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Popular Stories

Generic iOS 18 Feature Real Mock

iOS 18 Available Now With These 8 New Features For Your iPhone

Sunday September 15, 2024 10:09 am PDT by
Following over three months of beta testing, iOS 18 was finally widely released to the public on Monday, September 16. The update is available in the Settings app under General → Software Update on the iPhone XS and newer. Below, we have highlighted eight key new features included in iOS 18, and Apple shared a complete list of new features and changes last week. Note that Apple...
iOS 18 Public Beta Thumb 1

Here's When iOS 18 Rolls Out Today in Every Time Zone

Monday September 16, 2024 3:56 am PDT by
It's that time of year again. Apple is about to release iOS 18, which promises to bring a range of new features and improvements to iPhones worldwide. It's Apple's biggest software update of the year, and the company is expected to release it sometime today – Monday, September 16. Based on past releases, the update is likely to drop at around 10:00 a.m. Pacific Time/1:00 p.m. Eastern...
apple silicon mac lineup wwdc 2022 feature purple

M4 Macs, New iPad Mini, and iPad 11 Expected at Upcoming Apple Event

Sunday September 15, 2024 5:29 am PDT by
Apple will likely hold another event in October this year to announce new Macs and iPads. If so, it would be the fourth time in the last five years that Apple has held an event in October. Last year, Apple held a virtual event on Monday, October 30 to announce new MacBook Pro and iMac models with the M3 series of chips. In his Power On newsletter today, Bloomberg's Mark Gurman reiterated...
M4 Mac mini Black Ortho Cooler

Apple Leaks New Mac Mini With 5 USB-C Ports

Monday September 16, 2024 11:40 am PDT by
Apple has seemingly leaked the rumored next-generation Mac mini with five USB-C ports, according to a code change within Apple software that was discovered today by MacRumors contributor Aaron Perris. The code refers to an unreleased Mac mini model with an Apple silicon chip and five ports, which lines up with a previous report from Bloomberg's Mark Gurman that said the next Mac mini will be ...
16 pro

iPhone 16 Pro Demand Has Been Lower Than Expected, Analyst Says

Sunday September 15, 2024 3:58 pm PDT by
Apple analyst Ming-Chi Kuo today said demand for the iPhone 16 Pro and iPhone 16 Pro Max has been "lower than expected" since the devices became available to pre-order in the U.S. and dozens of other countries on Friday. Kuo said his data is based on a "supply chain survey" and shipping estimates listed on Apple's online store. Kuo estimated that sales of all four iPhone 16 models reached...
Beyond iPhone 13 Better Blue Face ID Single Camera Hole

10 Reasons to Wait for Next Year's iPhone 17

Friday September 13, 2024 2:40 am PDT by
Apple's iPhone development roadmap runs several years into the future and the company is continually working with suppliers on several successive iPhone models simultaneously, which is why we sometimes get rumored feature leaks so far ahead of launch. The iPhone 17 series is no different – already we have some idea of what to expect from Apple's 2025 smartphone lineup. If you plan to skip...

Top Rated Comments

Mactendo Avatar
68 months ago
As they are a company in a fairly western democracy, that will be regularly audited by both government and private regulators and accounting firms, the liklihood of what you're claiming is probably low.
Oh, please.
Score: 30 Votes (Like | Disagree)
thasan Avatar
68 months ago
their claims about selling it to only legitimate authorities are as filmsy as it gets.
i wonder who audits their claims
Score: 28 Votes (Like | Disagree)
Pbrutto Avatar
68 months ago
Not surprised, encryption of iCloud communication and storage has been a frequently mentioned topic. If Apple gets on full encryption, we would all be better off.

Also, can we talk about how Apple isn’t offering iCloud Mac backups yet? Think of how much $ they are leaving on the table. Actually, I’m shocked they aren’t ready for this yet, they would be raking in the cash from people upgrading their storage to do backups.
Score: 22 Votes (Like | Disagree)
Osamede Avatar
68 months ago
"Responsible governments."
Snowden revelations say they are all uniformly irresponsible when it comes to disrespect of privacy. So it’s all one big kabuki theatre then...
Score: 19 Votes (Like | Disagree)
Phil A. Avatar
68 months ago

If you use 'Documents in the cloud' then your Mac is effectively backed up already.
I'd have to disagree with that statement - while a synced copy of your documents on iCloud is better than nothing, it is definitely not a backup.

Firstly, Anything that isn't in the synced folders doesn't get copied over to iCloud

Secondly, I believe versions only exist for iWork documents so if you mess up any other kind of document or it gets encrypted by ransomware for example, that messed up copy will immediately sync to iCloud and any other device connected to it and if there are no versions stored then you have lost it

In my view, backups should be immutable and no sync service can replace a backup
Score: 16 Votes (Like | Disagree)
jayducharme Avatar
68 months ago
The cat-and-mouse game continues. There will be a market for this as long as governments don’t trust their citizens and citizens don’t trust their government.
Score: 14 Votes (Like | Disagree)