Israeli Security Firm Claims Spyware Tool Can Harvest iCloud Data in Targeted iPhone Attack

An Israeli security firm claims it has developed a smartphone surveillance tool that can harvest not only a user's local data but also all their device's communications with cloud-based services provided by the likes of Apple, Google, Amazon, and Microsoft.


According to a report from the Financial Times [paywalled], the latest Pegasus spyware sold by NSO Group is being marketed to potential clients as a way to target data uploaded to the cloud. The tool is said to work on many of the latest iPhones and Android smartphones, and can continue to harvest data even after the tool is removed from the original mobile device.

The new technique is said to copy the authentication keys of services such as Google Drive, Facebook Messenger and iCloud, among others, from an infected phone, allowing a separate server to then impersonate the phone, including its location.

This grants open-ended access to the cloud data of those apps without "prompting 2-step verification or warning email on target device", according to one sales document.

Attackers using the malware are said to be able to access a wealth of private information, including the full history of a target's location data and archived messages or photos, according to people who shared documents with the Financial Times and described a recent product demonstration.

When questioned by the newspaper, NSO denied promoting hacking or mass-surveillance tools for cloud services, but didn't specifically deny that it had developed the capability described in the documents.

In response to the report, Apple told FT that its operating system was "the safest and most secure computing platform in the world. While some expensive tools may exist to perform targeted attacks on a very small number of devices, we do not believe these are useful for widespread attacks against consumers." The company added that it regularly updates its operating system and security settings.

The news raises concerns that such spyware could be used by repressive regimes and other shady attackers to monitor members of the public. In May, for example, WhatsApp disclosed a vulnerability that allowed hackers to remotely exploit a bug in the app's audio call system to access sensitive information on an iPhone or Android device.

Security researchers said that the spyware that took advantage of the WhatsApp flaw featured characteristics of the Pegasus spyware from NSO Group, which maintains that its software, costing millions of dollars, is only sold to responsible governments to help prevent terrorist attacks and criminal investigations.

However, the WhatsApp flaw was used to target a London lawyer who has been involved in lawsuits against the NSO Group, and security researchers believe others could have been targeted as well.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Top Rated Comments

(View all)
Avatar
9 months ago

As they are a company in a fairly western democracy, that will be regularly audited by both government and private regulators and accounting firms, the liklihood of what you're claiming is probably low.

Oh, please.
Score: 30 Votes (Like | Disagree)
Avatar
9 months ago
their claims about selling it to only legitimate authorities are as filmsy as it gets.
i wonder who audits their claims
Score: 28 Votes (Like | Disagree)
Avatar
9 months ago
Not surprised, encryption of iCloud communication and storage has been a frequently mentioned topic. If Apple gets on full encryption, we would all be better off.

Also, can we talk about how Apple isn’t offering iCloud Mac backups yet? Think of how much $ they are leaving on the table. Actually, I’m shocked they aren’t ready for this yet, they would be raking in the cash from people upgrading their storage to do backups.
Score: 22 Votes (Like | Disagree)
Avatar
9 months ago

"Responsible governments."

Snowden revelations say they are all uniformly irresponsible when it comes to disrespect of privacy. So it’s all one big kabuki theatre then...
Score: 19 Votes (Like | Disagree)
Avatar
9 months ago


If you use 'Documents in the cloud' then your Mac is effectively backed up already.


I'd have to disagree with that statement - while a synced copy of your documents on iCloud is better than nothing, it is definitely not a backup.

Firstly, Anything that isn't in the synced folders doesn't get copied over to iCloud

Secondly, I believe versions only exist for iWork documents so if you mess up any other kind of document or it gets encrypted by ransomware for example, that messed up copy will immediately sync to iCloud and any other device connected to it and if there are no versions stored then you have lost it

In my view, backups should be immutable and no sync service can replace a backup
Score: 16 Votes (Like | Disagree)
Avatar
9 months ago
The cat-and-mouse game continues. There will be a market for this as long as governments don’t trust their citizens and citizens don’t trust their government.
Score: 14 Votes (Like | Disagree)

Top Stories

Kuo: Apple to Launch Several Macs With Arm-Based Processors in 2021, USB4 Support Coming to Macs in 2022

Thursday March 26, 2020 8:19 pm PDT by Joe Rossignol
Apple plans to launch several Mac notebooks and desktop computers with its own custom designed Arm-based processors in 2021, analyst Ming-Chi Kuo said today in a research note obtained by MacRumors. Kuo believes that Arm-based processors will significantly enhance the competitive advantage of the Mac lineup, allow Apple to refresh its Mac models without relying on Intel's processor roadmap,...

Apple Says MacBook Air With Retina Display Can Exhibit Anti-Reflective Coating Issues, Unclear if Eligible for Free Repairs [Updated]

Thursday March 26, 2020 8:16 am PDT by Joe Rossignol
Apple this week acknowledged that MacBook Air models with Retina displays can exhibit anti-reflective coating issues, as indicated in a memo shared with Apple Authorized Service Providers and obtained by MacRumors. "Retina displays on some MacBook, MacBook Air, and MacBook Pro computers can exhibit anti-reflective (AR) coating issues," the memo states. Apple's internal service documentation ...

Hands-On With the New 2020 12.9-Inch iPad Pro

Wednesday March 25, 2020 2:10 pm PDT by Juli Clover
Apple last week announced new 11 and 12.9-inch iPad Pro models, and as of today, the new iPads are arriving to customers. We picked up one of the new 12.9-inch models and checked it out to see just what's new and whether it's worth buying. Subscribe to the MacRumors YouTube channel for more videos. When it comes to design, the new iPad Pro models are identical to the 2018 iPad Pro models, but ...

Apple Considering Delaying iPhone 12 Launch 'by Months'

Wednesday March 25, 2020 12:51 pm PDT by Juli Clover
Apple is preparing to delay the launch of the 2020 iPhones expected to be equipped with 5G technology, according to sources with knowledge of Apple's plans that spoke to Japanese news site Nikkei. Apple has reportedly held internal discussions about the possibility of delaying the launch "by months" over fears of how well iPhones would sell in the current situation, and supply chain sources...

Hands-On With the New $999 MacBook Air

Thursday March 26, 2020 1:45 pm PDT by Juli Clover
Alongside new iPad Pros last week, Apple also refreshed the MacBook Air, adding more storage, faster 10th-generation processors, and an updated keyboard. We picked up one of the new machines to take a look at some of the upgrades added in the 2020 update. Subscribe to the MacRumors YouTube channel for more videos. Design wise, there are no real external changes to the MacBook Air's body,...

Apple Offering 90-Day Free Trials for Final Cut Pro X and Logic Pro X

Thursday March 26, 2020 2:58 pm PDT by Juli Clover
Apple is offering new free trial options for Final Cut Pro X and Logic Pro X, its video and audio editing software designed for professional projects, giving customers 90 days to try them out prior to a purchase. The new longer trial options will be beneficial to those who are working from home, including students who are no longer able to work in a classroom environment, and those who are...

Apple Watch Series 6 Could Feature Touch ID Fingerprint Sensor, Pulse Oximetry and Sleep Tracking Support

Friday March 27, 2020 11:28 am PDT by Juli Clover
The upcoming Apple Watch Series 6 set to be released this fall could include a Touch ID fingerprint sensor built into the crown of the device, according to Israeli site The Verifier, which cites "senior sources" who have worked with its staff for a "number of years" as the source of the rumor. It's not clear how the alleged Touch ID fingerprint sensor would be implemented, as the Digital...

Apple Launches COVID-19 Website and App With Screening Tool and Resources

Friday March 27, 2020 9:00 am PDT by Joe Rossignol
Apple today announced that it has released a new COVID-19 website and iPhone app with a screening tool and other resources to help people stay informed and take the proper steps to protect their health during the spread of the novel coronavirus. Apple partnered with the CDC, the White House Coronavirus Task Force, and FEMA on this initiative. The website and app allow users to answer a...

Deals: Huge Refurbished iPhone Sale Discounts iPhone 7, 8, X, XR, and XS (From $120)

Friday March 27, 2020 5:47 am PDT by Mitchel Broussard
Woot is back today with a big sale on refurbished iPhones, including markdowns on the iPhone 7, iPhone 7 Plus, iPhone 8, iPhone 8 Plus, iPhone X, iPhone XR, iPhone XS, and iPhone XS Max. Note: MacRumors is an affiliate partner with Woot. When you click a link and make a purchase, we may receive a small payment, which helps us keep the site running. As with every Woot purchase, those...

A12Z Bionic Chip in iPad Pro Allegedly a Renamed A12X With Extra GPU Core Enabled

Thursday March 26, 2020 6:35 pm PDT by Juli Clover
Apple's new 2020 iPad Pro models are equipped with an A12Z Bionic processor that's remarkably similar to the A12X chip in the 2018 iPad Pro models, offering little in the way of performance improvements. The A12Z does, however, feature an 8-core GPU while the A12X includes a 7-core GPU, which sets them apart, but new evidence shared by NotebookCheck suggests that the A12Z Bionic is simply a...