Just when the The Israeli spyware scandal Pegasus has drifted somewhat out of the mind of an iPhone user, Apple was forced to release an emergency iOS 14.8 update to fix a vulnerability in iMessage it was exploiting.
A similar feat, however, was already developed a long time ago by an American company, reports MIT
, and sold to the United Arab Emirates for $ 1.3 million, giving the kingdom a powerful tool to spy on its targets.
The company in question is called Accuvant, now merged with Optiv, and the latest US Department of Justice files reveal how the sale was facilitated by a group of three former members of the US military and intelligence services, for whom they are now fined $ 1.68 million by the DoJ.
According to the main investigator of the scheme, Bryan Vorndran, deputy director of the Cyber Division of the FBI:
The FBI will thoroughly investigate individuals and businesses who profit from illegal cybercrime activities. This is a clear message to anyone, including former U.S. government employees, who has considered using cyberspace to mine export controlled information for the benefit of a foreign government or foreign trading company. – there is a risk, and there will be consequences.
With Pegasus, it was easy to blame the culprit – an Israeli company that developed the spyware – but the simple fact that an American company did it and then sold iMessage’s latest exploit. should be confusing to anyone with an iPhone, heretofore considered less penetrable by such intrusions than Android handsets.
The old people of Accuvant, for example, left behind Grayshift, the tool used by law enforcement to unlock your iPhone and monitor your communications, as the market for such hacks is only growing in scope and importance, and it’s no coincidence that iMessage is their primary target.
“The app is included by default on every Apple device. It accepts incoming messages from anyone who knows your number. There is no way to uninstall it, no way to inspect it, nothing a user can do to defend against this kind of threat beyond downloading every Apple security update ASAP.“Cybersecurity analysts say. Disappointed.