Home / Business / Khashoggi: How a hacked phone might have led murderer to the Saudi journalist

Khashoggi: How a hacked phone might have led murderer to the Saudi journalist

NSO has denied any involvement in Khashoggi's death, and insists that its software is "only for use in combating terrorism and crime".

The company was condemned as "worst of the worst" by the NSA whistleblower Edward Snowden during a video conference with an Israeli audience in November November.

"The NSO group in today's world, based on the evidence we have, is the worst worst thing to sell these burglary tools that are actively violating the human rights of dissidents, opposition numbers, and activists," Snowden said.

Big hot

I witnessed Pegasus' power two years ago. Checkpoint mobile security experts, one of the world leaders in security security, showed me how to hack a phone with one click, get full access to the microphone, camera, keyboard and data.

They say malicious software they used was similar to Pegasus: An obvious innocent message occurred on my phone and asked me to update my settings, and that was all they needed to access the phone.

Cyber ​​security expert Michael Shaulov launched a cyber security start in 201

0, partly in response to what he saw as a potential threat to Pegasus.

"Even when [NSO Group sells] the software to specifically the law enforcement agency specifically bought it, if they want to go for what we call unauthorized targets, the NSO has no control [over it]," he says. "They can't really prevent it."

The NSO Group says it can monitor the use of all software by all its customers, but would need to actively monitor how customers used their products before becoming aware of any abuse.

The company's technology utilizes what is called "null days" – hidden vulnerabilities in operating systems and apps that give elite hackers access to the phone's internal features. The term stems from the fact that software developers have not had time to fix them.

Companies like NSO have team of scientists continuously reverse technology Apple and Android operating system to find errors in the code that they can utilize, Shaulov says, describing the process of finding zero days as an "art" in it basically black and the white world of cyber security.

The outstanding focus of the NSO group on mobile devices has made them the "alpha dog" in the market, Shaulov says. 19659002] Finding a zero day can take anywhere from a few months to more than a year, and there is little guarantee for its long-term efficiency. But if the weakness is not solved, it can be used repeatedly to hack phones. Software developers like Apple and Google have teams dedicated to finding and fixing vulnerabilities, but it's not easier for them than for hackers to find the weak link. In addition, the developer's priorities can be elsewhere, so even known bugs remain unchanged.

"Unless Apple or Google fixes that bug, the vulnerability can stay for many years, and NSO can continually sell programs that can go through these bugs in the software and infect these phones," Shaulov says.

Scientists at Toronto-based Citizen Lab have tracked the use of the NSO group's Pegasus software to 45 countries where operators "can perform monitoring operations" at least 10 Pegasus operators who "appear to be actively involved in cross-border monitoring".

Khashoggi: "God help us"

The software can infect a phone after a single click on a link in a false text message, giving hackers full access to the phone. Data stored in the phone, messages, phone calls and even GPS position data are visible so that hackers can see where someone is, who he or she is talking to and about what.

In the case of Khashoggi, Citizen Lab researchers say that the text message went to Abdulaziz, disguised as a freight update on a package he just ordered. The link, which Citizen Lab says traced to a domain linked to Pegasus, led Abdulaziz's phone to become infected with malware, giving hackers access to almost the entire phone, including his daily Khashoggi conversations.

  Jamal Khashoggi's Private WhatsApp Messages May Provide New Clues to Kill

In a Text Before His Death on October 2 at. Saudi Arabian Consulate in Istanbul, Khashoggi learned that his conversation with Abdulaziz may have been intercepted. "God helps us," he wrote. CNN got access to the correspondence between Khashoggi and Montreal-based activist Abdulaziz.

Two months later, Khashoggi came into the building for what he thought was a routine meeting to retrieve paper that would allow him to marry his Turkish-engaged Hatice Cengiz. Minutes later he was killed in what the Saudi lawyer later admitted was a preventive murder.

The Saudis have presented varying stories of Khashoggi's fate, first to deny any knowledge before claiming that a group of rogue operators, many of whom belong to the Saudi Crown Prince Mohammed bin Salman's inner circle, was responsible for the journalist's death.

Riyadh claims that neither bin Salman nor King Salman knew about the operation to target Khashoggi. However, US officials have said such a mission – including 15 men sent from Riyadh – could not have been carried out without the permission of bin Salman.

NSO speaks out

In it The first interview given by the NSO Group since the company was involved in the Khashoggi case, CEO Shalev Hulio categorically refused to engage in the tracking of the Saudi journalist or his killing. Hanio said he had a shocking murder, says Hulio that after checks by the NSO Group, the company would have shown whether their software had been used to track a journalist immediately.

"We did a thorough check on all our customers, not just a client who might be a potential suspect involved in the case, but also other customers who might be interested in following him for some reason," explained Hulio in the interview. Yedioth Ahronoth, one of Israel's largest newspapers. "We controlled all our customers, both through conversations with them and through a foolproof technical control. The systems produce their own documentation, and it is not possible to act against this or that goal without us being able to control it."

"I say in the record that after all these checks, no NSO product or technology was used on Khashoggi, and that includes tapping, monitoring, locating or collecting intelligence. Exclamation marks! The story is simply not true." 19659018] Saudi prosecutors seek death penalty when Khashoggi murder trial opens ” data-src-mini=”//cdn.cnn.com/cnnnext/dam/assets/181025171830-jamal-khashoggi-small-169.jpg” data-src-xsmall=”//cdn.cnn.com/cnnnext/dam/assets/181025171830-jamal-khashoggi-medium-plus-169.jpg” data-src-small=”http://cdn.cnn.com/cnnnext/dam/assets/181025171830-jamal-khashoggi-large-169.jpg” data-src-medium=”//cdn.cnn.com/cnnnext/dam/assets/181025171830-jamal-khashoggi-exlarge-169.jpg” data-src-large=”//cdn.cnn.com/cnnnext/dam/assets/181025171830-jamal-khashoggi-super-169.jpg” data-src-full16x9=”//cdn.cnn.com/cnnnext/dam/assets/181025171830-jamal-khashoggi-full-169.jpg” data-src-mini1x1=”//cdn.cnn.com/cnnnext/dam/assets/181025171830-jamal-khashoggi-small-11.jpg” data-demand-load=”not-loaded” data-eq-pts=”mini: 0, xsmall: 221, small: 308, medium: 461, large: 781″ src=”data:image/gif;base64,R0lGODlhEAAJAJEAAAAAAP///////wAAACH5BAEAAAIALAAAAAAQAAkAAAIKlI+py+0Po5yUFQA7″/>

Shalev Hulio – whose first name is "S" in NSO – says the NSO group can disconnect a customer's software about it is used inappropriately or against unfair targets, such as journalists or human rights activists who are only doing their jobs.

"If the system is abused, provided we are aware of it, Technically illogical system we sold them will immediately be disconnected; it is something we can do both technically and legally."

Hulio said that NSO "permanently "Turn off the systems for three customers due to misuse, but he did not specify which customers.

Asked if Pegasus had been sold to Saud al-Qahtani, a top-ranking Saudi official accused of Saudi prosecutors playing a major role in the Khashoggi assassination, closely linked to Crown Prince Mohammed bin Salman, Hulio said it had, and insisted that NSO does not sell to "private parts".

"All sales are authorized by the Israeli Defense Department and are made only to states and their police and law enforcement agencies," he said, and "only to combat terrorism and crime".

The language blank if the NSO group sold the system to Saudi Arabia, Hulio said, "We do not comment on any specific customer issues. We cannot deny or confirm."

Globally, Hulio says there are no more than 150 "active goals currently tracked with NSO's technology. He said the previous year was the best in the company's history and that the system had been sold to "dozens of countries around the world on all continents except Antarctica."

Hulio repeatedly called his company as one who helped the world's intelligence services fight terrorism and exploit the lives of technology.

"I will say with modesty that thousands of people in Europe owe their hundreds of workers [we have] in Herzliya," he said, referring to the Israeli city where the company is based. "I repeat that any use [of our technology] that goes beyond the criteria of fearful human life that is subjected to crime or terror will lead our company to take immediate action, unambiguous and decisive. "

Potential Attack Area

The results of Citizens Lab, which Hulio dism issued as incorrect, paints "a bleak picture of human rights risk" in Pegasus, says Citizen Lab, adding that "at least six countries with significant Pegasus operations have previously been linked to the abuse of spyware to target civil society, including Bahrain , Kazakhstan, Mexico, Morocco, Saudi Arabia and the United Arab Emirates. "

Apple, Google and other technical companies works constantly to fix errors and close zero days in the software. New features that they introduce include the new code and introduce the possibility of new vulnerabilities. The software developers devote millions of dollars to closing these vulnerabilities before they are discovered. hackers spend time and energy discovering them before they close. It is a 21st century digital arms.

Adam Donenfeld, a researcher focusing on mobile security at Zimperium, says that the number of places to hack a phone, called potential attack surfaces, is almost unlimited.

Donenfeld says that it is difficult to pinpoint how many people there are, "but way more than people think. There are many of them … there are always new vulnerabilities introduced for devices."

A certain interaction, however, simple, between a device and a telephone is a potential attack surface. Donenfeld uses the example of chat programs, but says that it is not just chat programs that provide potential ways for hackers.

If a hacker sends a video to your phone, even before you open it, your phone has already received some metadata about the video. It has also notified the hacker that the video has been received. You do not need to click on the video or accept the message to create a potential attack area.

"I can send you a malicious data packet that can cause some memory corruption on your phone that can happen remotely just by having [a chat app]," explains Donenfeld. "You get messages even if the app is closed because it runs in the background, [so] there is the option to run code on your device without you knowing about it."

Value of malicious code

[19659002] Although the number of potential attack sites can offer almost unlimited few, the complete elite searches for hackers. In addition, there are relatively few cyber experts who understand how to use the zero-day vulnerabilities.

The amount of zero days, combined with the technical difficulties needed to discover them, makes them extremely valuable to the right buyer. 19659002] "If you have a functioning complete chain, it's definitely [worth] more than a million dollars," says Donenfeld. "There is always demand. There will always be someone to buy them."

The NSO Group has apparently capitalized on that demand, making them a multi-billion dollar company with a powerful product.

But that product – Pegasus – has also put NSO in the middle of a series of trials allegedly using malware, as in the case of Jamal Khashoggi, violated international law.

NSO told CNN in December Abdulaziz's trial was "totally unfounded" and that it showed "no evidence that the company's technology was being used."

"The trial seems to be based on a collection of press clips that have been generated for the sole purpose of creating news headlines," NSO said in a statement. "In addition, products provided by NSO are delivered by government customers to whom they are delivered without the participation of NSO or its employees."

Source link