gtag('consent', 'update', { 'ad_storage': 'granted' }); NSO Group’s iPhone Zero-Days
top of page

THREATS

The Threat

NSO Group’s iPhone Zero-Days

Ahmed Mansoor, an internationally recognized human rights defender, received SMS text messages on his iPhone promising “new secrets” about detainees tortured in UAE jails if he clicked on an included link.

The text messages were a trap of unprecedented complexity. That single link would have leveraged three separate and highly serious exploits in iOS — executing arbitrary code through WebKit, gaining access to the kernel, and then executing code with elevated (root) privileges. The result would have been a one-step jailbreak with malicious code injected under the hood — granting complete access to all the phone’s data and communications. The attack on Mansoor was performed via the Trident, a chain of zero-day exploits designed to infect his iPhone with sophisticated commercial spyware. It appears to have used Pegasus, a remote monitoring solution sold by NSO Group Technologies Ltd.

Original source: The Citizen Lab. Read the full article >>>

The IntactPhone Protection

The Trident attack is clear evidence that iOS devices are not safe as many tend to think. The IntactPhone protection strategy is to minimize the attack surface resulting in blocking possible threat vectors. The attack surface is reduced by controlling all the aspects of the communications:

  1. Who has sent it?

  2. What it contains?

  3. Is something suspicious about it?

  4. What can the user do with it?

  5. What can it do on the device? 

 

Here are some of the IntactPhone protection mechanisms:

  1. Fence the communications to be only within enrolled devices.

  2. Disguise the users’ identities.

  3. Limit the ability to access users by pre-defined groups.

  4. Block SMSs by type.

  5. Filter out attached media items.

  6. Disable included links in communications.

  7. Control the access to websites.

  8. Run the browser with low system privileges

  9. Camouflage the access to device's resources.

  10. Limit the access to privileged resources (such as microphone, camera, etc.)

 

Hackers use sophisticated exploits to manipulate the device data and behavior; however, they have limited number of access points. Smart and tight control over these points will harden the mobile device, producing a better secure and safe phone.    

bottom of page