Connect with us
US company sells iOS exploit to UAE government US company sells iOS exploit to UAE government

Security

US company sells iOS exploit to UAE government

Published

on

Although Apple patched the vulnerability this week, the exploit was created for it five years ago.

No sooner had the Pegasus spyware scandal by the Israeli NSO Group abated than news of another spyware developed by an American company and sold to the UAE hit iPhone owners. As a result, Apple was forced to release an unexpected emergency update to iOS 14.8, which fixes an actively exploited vulnerability in iMessage.

Although a fix was released this week, the exploit for the vulnerability was developed five years ago, according to MIT Technology Review. Moreover, the tool was created by the American company Accuvant (now part of the larger Optiv company), which sold it to the UAE government for $ 1.3 million in 2016.

An exploit for an iMessage vulnerability allows attackers to take full control of the iPhone. The tool was used in attacks on hundreds of activists, journalists and oppositionists as part of a large-scale espionage operation.

New documents from the US Department of Justice shed light on who was involved in the development of the exploit, but do not say anything about who exactly closed the sale and purchase transaction.

As SecurityLab previously reported, three former US National Security Agency employees, Marc Baier, Ryan Adams, and Daniel Gericke, were involved in the development and deployment of the exploit. The US Department of Justice accused them of violating US export control laws, according to which companies and individuals must obtain permission before providing defense-related services to foreign governments. The defendants agreed to pay a $ 1.68 million fine.

In the case of the Pegasus spyware, it was very easy to find a scapegoat, which turned out to be its developer, the Israeli company NSO Group. But the fact that not just any, but an American company created and sold an exploit for hacking iMessage should seriously concern iPhone owners.

According to representatives of the Optiv company, it fully cooperates with the US Department of Justice and is not the subject of an investigation.

Click to comment

Leave a Reply

Your email address will not be published.

Security

Hacker who earned $27 million in cyberattacks will spend 20 years in prison and pay $21 million in fines

Published

on

Hacker who earned 27 million in cyberattacks will spend 20

A Florida district court has sentenced 34-year-old IT engineer Sebastien Vashon-Desjardins to 20 years in prison for carrying out at least 90 cyberattacks.

Hacker who earned $27 million in cyberattacks will spend 20 years in prison and pay $21 million in fines

It is noted that for several years of his activity, the hacker, using the NetWalker encryption virus, earned about $ 27 million. A search of Vashon-Desjardins revealed a crypto wallet containing 719 bitcoins, which was about $22 million at the time of the cybercriminal’s arrest in January 2022.

According to investigators, the 34-year-old cybercriminal acted in collusion with other hackers. Vashon-Desjardins himself played the role of an attacker: he infected the corporate networks of various companies with a virus and then demanded a ransom from them. Organizations from the USA, Canada and a number of European countries suffered from the activities of the criminal.

It is noted that, in addition to the prison term, the court also imposed a fine on Vashon-Desjardins in the amount of $ 21 million. Also, the criminal will have to pay compensation to the companies affected by his actions. The amount of damages has not yet been established.

Continue Reading

Components

Unique behavior of Ryzen 7000 processors. The notorious patches from the Specter vulnerability improve the performance of new CPUs

Published

on

Unique behavior of Ryzen 7000 processors The notorious patches from

Recently, various vulnerabilities in processors have been talked about much less often, and users no longer worry about performance degradation due to patches. As it turns out, Ryzen 7000 processors generally benefit from such patches!

Unique behavior of Ryzen 7000 processors. The notorious patches from the Specter vulnerability improve the performance of new CPUs

At least this is true for Linux, since it was in this OS that the author tested the Ryzen 9 7950X and Ryzen 5 7600X. It turned out that when working out of the box, the CPUs show better performance than when loading a special version of Linux with a deactivated patch from the Specter V2 vulnerability.

Unique behavior of Ryzen 7000 processors. The notorious patches from the Specter vulnerability improve the performance of new CPUs

Of course, such results do not appear everywhere, and during normal work they are unlikely to be critical. In particular, in total, according to the results of 190 tests, the difference was only 3%.

Continue Reading

Gaming

PlayStation 5 has been hacked. You can install games, but you can’t run them yet

Published

on

PlayStation 5 has been hacked You can install games but

Nearly two years after the PlayStation 5 went on sale, modders have found a way to jailbreak the console, albeit with some restrictions.

IGN notes that the modder, known as SpecterDev, disclosed an apparent jailbreak that is described as an experimental IPV6 kernel exploit exploiting a WebKit vulnerability.

The jailbreak will only work on PS5 systems with firmware 4.03 or later. If you’ve updated your PS5 since October last year, you won’t be able to try the exploit. But even if you need firmware, an attempt to install a jailbreak works only in a third of cases.

PlayStation 5 has been hacked.  You can install games, but you can't run them yet

As for what you can do with a jailbroken PS5 right now, you’ll get access to the system’s debug menu. You can also install games from outside the PlayStation Store, but you cannot run third-party software.

Modder Lance McDonald tested the jailbreak and was able to install the PT demo, the famous teaser of the canceled Silent Hills game. However, he was unable to start playing the game. Although the exploit offers read/write access to the PS5, there is currently no way to execute the downloaded files. In any case, PT is not backwards compatible with PS5.

It is currently unlikely that this jailbreak will be widely used anytime soon due to its limitations and the fact that Sony can ban modder accounts. On top of that, there is a risk of locking the console at that time. However, it may give other hackers and modders a foundation to build more robust jailbreak tools.

Continue Reading

Most Popular