Middle East: How a hacked phone may have led killers to Khashoggi

Video may show Khashoggi's body being moved

(16 Videos)

Video may show Khashoggi’s body being moved

Wreck of WWI German U-boat revealed

Saudi teen arrives in Canada for resettlement

A woman is evacuated by firefighters from an apartment after the explosion of a bakery on the corner of the streets Saint-Cecile and Rue de Trevise in central Paris on January 12, 2019. - A large explosion badly damaged a bakery in central Paris, injuring several people and smashing windows in surrounding buildings, police and AFP journalists at the scene said. A fire broke out after the blast at around 9am (0800 GMT) in the busy 9th district of the city, which police suspect may have been caused by a gas leak. (Photo by Thomas SAMSON / AFP) (Photo credit should read THOMAS SAMSON/AFP/Getty Images)

Police: At least 3 killed in Paris gas leak blast

Mayor: Bus crash in Ottawa kills 3, injures at least 20

Residents of Wales mining town discuss Brexit

YPG fighters are seen on the frontline on October 18, in Baghoz, Syria, during the Hajin operation to retake the last stronghold of ISIS in Syria.

How US withdrawal would leave ally vulnerable

Pictured: HMS Argyll (center) takes part in a large scale PHOTEX with the Malysian, Singapore, Australian and New Zealand Navy in the South China Sea whilst on Exercise Bersama Lima 2018.HMS ARGYLL TAKES PART IN LARGE SCALE FORMATION SAILINGOn Saturday 13th October 2018, HMS Argyll took part in a large scale formation sailing exercise which in turn was covered overhead by a photographic exercise (PHOTEX). The Photex saw 13 ships in total sailing in close proximity during Exercise Bersama Lima 18. The exercise which has finished on training serials will now move into the next phase of a War Exercise the following week which will test the reactions of all the nations taking part including UK, New Zealand, Australia, Singapore and Malaysia.Credit: LPhot Dan RosenbaumHMS Argyll

China on US Navy operation: We have missiles

U.S. Secretary of State Mike Pompeo, gives a speech at the American University in Cairo, Egypt, Thursday, Jan. 10, 2019. Pompeo delivered a scathing rebuke of the Obama administration's Mideast policies as he denounced the former president for misguided and wishful thinking that diminished America's role in the region, harmed its longtime friends and emboldened its main foe: Iran. (AP Photo/Amr Nabil)

Pompeo: No contradiction on Syria withdrawl

Presidential candidate Felix Tshisekedi (C) arrives for a meeting between CENI, SADC and other presidential candidates in Kinshasa on December 29, 2018, one day ahead of the general elections. (Photo by Luis TATO / AFP) (Photo credit should read LUIS TATO/AFP/Getty Images)

Tshisekedi declared winner in DR Congo election

brexit harassment protesters dos santos pkg vpx_00010129.jpg

As Brexit deadline looms, protests turn nasty

In this Monday, Jan. 7, 2019, photo provided on Tuesday, Jan. 8, 2019 by the North Korean government, North Korean leader Kim Jong Un walks with his wife Ri Sol Ju at Pyongyang Station in Pyongyang, North Korea, before leaving for China. Kim left for China for a four-day trip, the North's state media reported Tuesday, amid speculation that he may attempt to coordinate his positions with Beijing ahead of his likely summit with U.S. President Donald Trump. Independent journalists were not given access to cover the event depicted in this image distributed by the North Korean government. The content of this image is as provided and cannot be independently verified. Korean language watermark on image as provided by source reads: "KCNA" which is the abbreviation for Korean Central News Agency. (Korean Central News Agency/Korea News Service via AP)

China hosts surprise visit by Kim Jong Un

Gabon President elected Ali Bongo Ondimba raises his hand during the swearing in ceremony in Libreville on September 27, 2016. Ali Bongo was sworn in for second term as Gabon president, calling for unity after a disputed election win that sparked deadly unrest and revealed deep divisions in the oil-rich country. / AFP / STEVE JORDAN (Photo credit should read STEVE JORDAN/AFP/Getty Images)

Soldiers say they have seized power in Gabon

Saudi teen held Thai airport

Saudi teen granted stay in Thailand

kim jong un north korea mystery train china todd dnt tsr vpx_00022905

Kim Jong Un could be aboard mystery train

Kiyoshi Kimura (R), president of sushi restaurant chain Sushi-Zanmai, displays a 278kg bluefin tuna at his main restaurant in Tokyo on January 5, 2019. - A Japanese sushi entrepreneur paid a record $3.1 million for a giant tuna on January 5 as Tokyo's new fish market, which replaced the world-famous Tsukiji late last year, held its first pre-dawn New Year's auction. (Photo by Kazuhiro NOGI / AFP) (Photo credit should read KAZUHIRO NOGI/AFP/Getty Images)

Massive tuna nets $3.1 million at auction

(CNN)Jamal Khashoggi probably thought the messages he was sending to fellow Saudi dissident Omar Abdulaziz were hidden, cloaked in WhatsApp security. In reality they were compromised — along with the rest of Abdulaziz’s phone, which had allegedly been infected by Pegasus, a powerful piece of malware designed to spy on its users.

Abdulaziz, as CNN reported last month, is suing the creators of Pegasus, Israel-based cyber company NSO Group, accusing them of violating international law by selling the software to oppressive regimes.
NSO has denied any involvement in the death of Khashoggi, insisting its software is “only for use fighting terrorism and crime.”
    The company was condemned as “the worst of the worst” by NSA whistleblower Edward Snowden during a video conference with an Israeli audience last November.
    “The NSO Group in today’s world, based on the evidence we have, they are the worst of the worst in selling these burglary tools that are being actively currently used to violate the human rights of dissidents, opposition figures, and activists,” Snowden said.
    Read More
    Remembering Jamal Khashoggi, 100 days on

    Remembering Jamal Khashoggi, 100 days on18:33

    Big threat

    I witnessed the power of Pegasus two years ago. Mobile security experts at Check Point, one of the world leaders in cyber security, showed me how they could hack a phone with one click, gaining complete access to its microphone, camera, keyboard, and data.
    They say the malware they used was similar to Pegasus: An apparently innocent message appeared on my phone asking me to update my settings, and that was all they needed to access the phone.
    Cyber security expert Michael Shaulov launched a cybersecurity startup in 2010, partly in response to what he saw as the potential threat of Pegasus.
    “Even when [NSO Group sells] the software to specifically the law enforcement agency that specifically bought it, in the case that those guys want to go after what we call illegitimate targets, NSO has no control [over it],” he says. “They cannot really prevent it.”
    NSO Group says it can monitor the usage of all of its software by all of its clients, but would need to actively check how clients were using their products before becoming aware of any possible misuse.
    The company’s technology takes advantage of what is known as “zero days” — hidden vulnerabilities in operating systems and apps that grant elite hackers access to the inner workings of the phone. The term is derived from the fact that software developers have had no time to fix them.
    Companies like NSO have teams of researchers continuously reverse-engineering Apple and Android operating systems to find bugs in the code they can then exploit, Shaulov says, describing the process of finding zero days as an “art” in the largely black and white world of cyber security.
    NSO Group’s singular focus on mobile devices has made them the “alpha dog” in the market, Shaulov says.
    Finding a zero day can take anywhere from a few months to more than a year, and there is little guarantee of its long-term effectiveness. But if the weakness isn’t fixed, it can be exploited repeatedly to hack phones. Software developers such as Apple and Google have teams devoted to finding and fixing vulnerabilities, but it’s no easier for them than it is for hackers to find the weak link. In addition, developers’ priorities may lie elsewhere, so even known bugs remain unfixed.
    “Unless Apple or Google fixes that bug, that vulnerability … can stay for many, many years and NSO can continuously sell software that can go through those bugs in the software and infect those phones,” says Shaulov.
    Researchers at the Toronto-based Citizen Lab have tracked the use of NSO Group’s Pegasus software to 45 countries where operators “may be conducting surveillance operations,” including at least 10 Pegasus operators who “appear to be actively engaged in cross-border surveillance.”
    TIME magazine names 2018 'Person of the Year'

    TIME magazine names 2018 ‘Person of the Year’00:57

    Khashoggi: ‘God help us’

    The software, able to infect a phone after a single click on a link in a fake text message, then grants hackers complete access to the phone. Data stored on the phone, messages, phone calls and even GPS location data are visible, allowing hackers to see where someone is, who he or she is talking to, and about what.
    In the case of Khashoggi, Citizen Lab researchers say the text message went to Abdulaziz, disguised as a shipping update about a package he had just ordered. The link, which Citizen Lab says it traced to a domain connected to Pegasus, led to Abdulaziz’s phone becoming infected with the malware, giving hackers access to virtually his entire phone, including his daily conversations with Khashoggi.
    Jamal Khashoggi's private WhatsApp messages may offer new clues to killing
    Jamal Khashoggi's private WhatsApp messages may offer new clues to killing
    In one text, before his death on October 2 at the Saudi consulate in Istanbul, Khashoggi learned that his conversations with Abdulaziz may have been intercepted. “God help us,” he wrote. CNN was granted access to the correspondence between Khashoggi and Montreal-based activist Abdulaziz.
    Two months later Khashoggi entered the building for what he thought was a routine appointment to pick up papers that would allow him to marry his Turkish fiancée, Hatice Cengiz. Minutes later, he was killed in what the Saudi attorney general later acknowledged was a premeditated murder.
    The Saudis have presented shifting stories about Khashoggi’s fate, initially denying any knowledge before arguing that a group of rogue operators, many of whom belong to Saudi Crown Prince Mohammed bin Salman’s inner circle, were responsible for the journalist’s death.
    Riyadh has maintained that neither bin Salman nor King Salman knew of the operation to target Khashoggi. US officials, however, have said such a mission — including 15 men sent from Riyadh — could not have been carried out without the authorization of bin Salman.
    WaPo editor: Crown Prince in global thugs club

    WaPo editor: Crown Prince in global thugs club01:20

    NSO speaks out

    In the first interview given by NSO Group since the company was implicated in the Khashoggi case, CEO Shalev Hulio categorically denied any involvement in the tracking of the Saudi journalist or his killing. Calling his death a “shocking murder,” Hulio said that following checks carried out by NSO Group, the company would have known immediately if their software had been used to track a journalist.
    “We conducted a thorough check of all our clients, not just one client who may be a potential suspect involved in the case, but also other clients who might perhaps have an interest in following him for some reason,” explained Hulio in the interview with Yedioth Ahronoth, one of Israel’s largest newspapers. “We checked all our clients, both through conversations with them, and through a fool-proof technological check. The systems produce their own documentation, and it is not possible to act against this or that target without us being able to check it.”
    “I’m saying on the record that after all these checks there was no use of any NSO product or technology on Khashoggi; and that includes tapping, monitoring, finding location, or gathering intelligence. Exclamation mark! The story is simply not true.”
    Saudi prosecutors seek death penalty as Khashoggi murder trial opens
    Saudi prosecutors seek death penalty as Khashoggi murder trial opens
    Shalev Hulio — whose first name is the “S” in NSO — says NSO Group can disconnect a client’s software if it is used inappropriately or against improper targets, like journalists or human rights activists who are just doing their jobs.
    “In cases where the system is misused, assuming we are aware of it, the technological system that we sold them will be immediately disconnected; that is something we are able to do both technologically and legally.”
    Hulio said that NSO has “permanently” shut off the systems of three clients because of misuse, though he did not specify which clients.
    Asked repeatedly if Pegasus had been sold to Saud al-Qahtani, a high-ranking Saudi official accused by Saudi prosecutors of playing a major role in Khashoggi’s murder, who has close ties to Crown Prince Mohammed bin Salman, Hulio said it had not, and insisted that NSO does not sell to “private elements.”
    “All sales are authorized by Israel’s Defense Ministry and are only made to states and their police and law enforcement organizations,” he said, and “only for use fighting terrorism and crime.”
    Asked point blank if NSO Group sold the system to Saudi Arabia, Hulio said, “We do not comment on any questions about specific clients. We can neither deny or confirm.”
    Worldwide, Hulio said there are no more than 150 “active targets” currently being tracked with NSO’s technology. He said the previous year was the best in the company’s history and that the system had been sold to “dozens of countries worldwide on all continents apart from Antarctica.”
    Hulio repeatedly portrayed his company as one that helped the world’s intelligence agencies fight terrorism, touting the lives saved by the technology.
    “I will say with modesty that thousands of people in Europe owe their lives to the hundreds of workers [we have] in Herzliya,” he said referring to the Israeli town where the company is based. “I reiterate that any use [of our technology] that goes beyond the criteria of saving human lives at risk from crime or terror will prompt our company to take immediate steps, unequivocally and decisively.”

    Potential attack surface

    The findings of Citizens Lab, which Hulio dismissed as inaccurate, paint “a bleak picture of the human rights risk” of Pegasus, Citizen Lab say, adding that “at least six countries with significant Pegasus operations have previously been linked to abusive use of spyware to target civil society, including Bahrain, Kazakhstan, Mexico, Morocco, Saudi Arabia, and the United Arab Emirates.”
    Apple, Google and other tech firms are constantly working to fix bugs and close zero days in their software. New features they introduce brings with it new code, introducing the possibility of new vulnerabilities. The software developers devote millions of dollars to close these vulnerabilities before they’re discovered; hackers devote time and energy to discover them before they’re closed. It’s a 21st century digital arms race.
    Adam Donenfeld, a researcher who focuses on mobile security at Zimperium, says the number of places to hack a phone, called potential attack surfaces, are nearly limitless.
    Donenfeld says it’s hard to pin down precisely how many exist, “but way more than people think. There are a lot of them … there are always new vulnerabilities being introduced to devices.”
    Any interaction, however simple, between a device and a phone is a potential attack surface. Donenfeld uses the example of chat applications, but says it’s not just chat apps that provide potential ways in for hackers.
    If a hacker sends a video to your phone, even before you open it, your phone has already received some metadata about the video. It has also notified the hacker that the video has been received. You don’t need to click on the video or accept the message to create a potential attack surface.
    “I can send you a malicious data packet that can cause some memory corruption on your phone that can happen remotely just by you having [a chat app],” explains Donenfeld. “You receive messages even if the app is closed because it runs in the background, [so] there is the possibility of running code on your device without you knowing about it.”

    Value of malware

    Though the number of potential attack surfaces may by nearly limitless, very few offer the complete access elite hackers seek. In addition, there are relatively few cyber experts who understand how to take advantage of the zero day vulnerabilities.
    The scarcity of zero days, coupled with the technical difficulty needed to uncover them, makes them incredibly valuable to the right buyer.
    “If you have a working complete chain, it is definitely [worth] more than a million dollars,” says Donenfeld. “There’s always demand. There’s always someone going to buy them.”
    NSO Group has apparently capitalized on that demand, making them a multi-million-dollar company with a powerful product.
    But that product — Pegasus — has also put NSO at the center of a series of lawsuits that alleged use of the malware, as in the case of Jamal Khashoggi, violated international law.
      NSO told CNN in December Abdulaziz’s lawsuit was “completely unfounded,” and that it showed “no evidence that the company’s technology was used.”
      “The lawsuit appears to be based on a collection of press clippings that have been generated for the sole purpose of creating news headlines,” NSO said in a statement. “In addition, products supplied by NSO are operated by the government customer to whom they are supplied, without the involvement of NSO or its employees.”

        Leave a Comment

        © 2019 BBE News. All rights reserved.