A Saudi woman iPhone revealed hacking to the world. NSO Group, an Israeli company, has gained notoriety as the world’s most advanced and cunning spyware maker. Debates and lawsuits are now hanging over the organization. But a Saudi woman was instrumental in turning the tide against the once-successful technology company.
It all started with a small glitch on the Saudi rights activist’s iPhone.
The mistake was made by NSO spyware. NSO group spyware has forgotten a fake picture on the iPhone of Saudi rights activist Luzain Al-Hathloul. Al-Hathloul and privacy researchers found evidence of phone hacking from that photo source. The evidence matched the active role of the NSO group in hacking.
According to Al-Hathloul’s phone call, the NSO group has been under pressure from the government and the legal process in many countries around the world. Reuters reports the story of how the hacking of the NSO group came to the notice of those concerned.
Al-Hathloul, one of Saudi Arabia’s best-known rights activists, played a key role in campaigning for the lifting of the country’s ban on women driving. Al-Hathloul was jailed until February 2021 on charges of undermining national security.
Soon after his release from prison, Al-Hathlul received a Google mail. The company warned in the mail that government-backed hackers were trying to hack his Gmail account. Loujain Al-Hathloul then contacted Citizen Lab, a Canadian research institute, fearing that his iPhone might have been hacked as well. Separately, three people close to Hathlul confirmed the matter to Reuters.
Citizen Lab researcher Bill Marczak looked at Al-Hathloul’s iPhone records for six months. Finally, he discovers an unexpected one and sits down. Due to an error in the surveillance software’s own system, a copy of an image file was left on the phone, which could not delete itself after stealing the target’s message.
According to Bill Marczak, the computer code left after the cyber-attack matched evidence of the NSO group’s direct involvement with the surveillance software. “It was a game-changer,” Bill Marczak said.
“We caught something that the company thought would never be caught.”
The discovery was like getting a blueprint for the entire hacking strategy, on the basis of which Apple informed thousands of victims around the world about government-backed hacking.
Apple filed a lawsuit against NSO Group in November 2021 on the basis of the findings of Citizen Lab and Loujain al-Hathloul. U.S. officials are also concerned about the use of NSO software to monitor U.S. diplomats.
The spyware industry has grown in popularity in recent years. Governments in many countries have turned to phone hacking software as a digital surveillance tool. However, last year’s Pegasus scandal exposed human rights abuses using spyware on the international stage.
But cybersecurity researchers say a blueprint for a new type of powerful cyber-espionage has emerged from Loujain al-Hathloul’s hacked phone. This hacking tool infiltrates the device without any involvement from the user, which is proof of the most effective use of such a surveillance weapon to date.
Also Like: This time NSO Group Accused of Surveillance in Israel
A spokesman for the NSO group claimed in a statement that his company did not take responsibility for managing the hacking tool; “The government, the law enforcement agencies, and the intelligence agencies take over.” The spokesman did not answer questions about whether hacking tools were used to track Al-Hathloul and other rights, activists.
However, the spokesman claimed that the organizations were making allegations that they were “political opponents of cyber espionage.” He asserted that his confession had been obtained through torture and that his confession had been obtained through torture. The spokesperson refrained from giving the details in order to protect the privacy of the service customers of the organization.
Without giving details, the NSO Group has said that it will take new steps to investigate the misuse of its own products. The company also demanded that the relationship with the buyer be severed if it is used in violation of human rights.
The Invention of the Blueprint
The reason for the apprehension was Luzain Al-Hathloul, who has been a victim of espionage before.
According to a report by Reuters in 2019, Al-Hathloul was under surveillance in 2017. He was targeted by a group of US mercenaries working for the United Arab Emirates. He was identified as a “threat to national security” under a project called “Project Raven,” and his phone was hacked.
Al-Hathloul was arrested in Saudi Arabia and sentenced to three years in prison. Al-Hathloul’s family claimed that he had been tortured in prison, and that information obtained from the device had been used in interrogations. Although released in February 2021, there are restrictions on foreign travel.
Reuters found no evidence that the NSO group was involved in hacking al-Hathloul’s phone for the first time.
Her sister, Luzain Al-Hathloul, told Reuters that her experience of surveillance and imprisonment had given her the strength to take on the field against the users of the hacking tool. “He thinks he has a responsibility to continue this fight because he knows he can make a difference.”
The spyware discovered by Citizen Lab on Al-Hathloul’s iPhone is called “Zero Click” spyware in the world of cyber security. In the case of this spyware, the victim becomes infected without clicking on any of the malware links.
The “Zero Click” spyware usually deletes its own files after being infected on the victim’s device. As a result, cyber security researchers or technology institutes usually do not have any sources of investigation. This makes it harder to gather hard evidence, say, cybersecurity experts.
But different things happened with Luzain Al-Hathloul.
Also Like: When will the New 3 Mac Book Come into Apple Bag?
A copy of the spyware was left on Al-Hathloul’s iPhone due to a software error. And from that source, Markzac and his team uncovered the virtual blueprint of cyber-attacks and the evidence of their creator.
“We found the shells at the crime scene here,” he said.
Part of Marjak’s team discovered that part of the spyware’s job was to send image files to Al-Hathloul’s phone via invisible text messages. The image file would later fool the iPhone into stealing the user’s message with access to the entire phone’s memory.
An investigation by Citizen Labs found evidence that the malware was created by the NSO group. Amnesty International and Apple later verified Markzak’s analysis and confirmed its reliability.
By analyzing the spyware code of Al-Hathloul’s phone, the researchers confirmed that the software was communicating with NSO-controlled servers. Citizen Labs is calling the new iPhone hacking strategy a “forced entry.” Researchers also provided samples to Apple in September last year.
Having a blueprint for cyber attacks makes it even easier for Apple to address security risks. The company later warned victims of the NSO software of “state-backed attacks.” For the first time, the iPhone maker took such a step.
In most cases, the use of spyware created by the NSO is confirmed, but researchers also discovered the presence of a second Israeli company on the scene. Reuters reported in February that the Israeli company Quadrim was taking advantage of the same security vulnerabilities in the iPhone. The company has not yet opened its mouth in this regard.
This year’s list includes victims of anti-government protests in Thailand as well as human rights activists in El Salvador.
Apple filed a lawsuit against the NSO group in November, based on evidence obtained from Loujain al-Hathloul’s phone. The company has sued a U.S. court, alleging that the NSO group violated U.S. law by making “products capable of harming Apple products, users, and the organization by carrying out attacks.” The organization also credits Citizen Lab for providing important information as evidence. However, the company did not mention the initial evidence that was obtained from Al-Hathloul’s phone.
Also Read: How to Protect Smartphone from Hacking – 12 Expert Advice
The NSO has been saying since the beginning of the controversy that their products are used only by law enforcement and have “saved thousands of lives.” The company also claimed that some of the allegations made against the NSO group were not credible. But as always, the company has avoided disclosing details in the name of a confidentiality agreement with the buyer.
Among the iPhone users warned by Apple were nine U.S. Department of the Interior staffers working in Uganda, according to Reuters. The news agency quoted sources as saying that US government employees were also the victims of cyber espionage by the NSO.
In November, the NSO group was blacklisted by the US Department of Commerce. As a result of the ban, US technology companies will not be able to sell any software products to Israeli companies. As a result, NSO’s supply chain will be disrupted.
The U.S. Department of Commerce says the ban was imposed because of evidence that the NSO group used spyware to target “journalists, businessmen, rights activists, researchers, and embassy staff.”
In December, 17 lawmakers, including Democratic Senator Ron Wyden, called on the Treasury Department to impose sanctions on three other foreign entities, including the NSO group. They allege that the organization is cooperating with authoritarian governments on human rights violations.
Lina Al-Hathloul believes that only financial sanctions can curb the spyware industry, such as the NSO Group. “They are in a place that hurts,” he said.
Read More: Donald Trump Truth Social Media is Coming in a Day