Appeared software can penetrate iCloud, Google Drive

The NSO Group claims its program can infiltrate and steal personal data from Apple's cloud servers, Google, Facebook, and Microsoft.

Apple, Google, Facebook and Microsoft servers are considered the most stringent security systems in the world. But an Israeli company called NSO Group has announced that its program can infiltrate and steal personal data from the cloud server of these most-used services.

Specifically, the NSO Group's software is called Pegasus, potentially infecting the victim's device and then copying the authentication key of iCloud, Google Drive, Facebook Messenger . services to retrieve data. up there.

Appeared software can penetrate iCloud, Google Drive Picture 1 Appeared software can penetrate iCloud, Google Drive Picture 1

Pegasus works by pretending to be a user's device to download data stored on the cloud, stealing access keys, then impersonating Facebook login information or accessing saved messages. on iCloud makes the system suspicious. Pegasus's way of doing this is similar to man-in-the-middle attack.

Appeared software can penetrate iCloud, Google Drive Picture 2 — How the Pegasus malicious code works. Photo: FT.

With this type of attack, the user does not receive any warning when their account is illegally compromised and the system does not request a two-factor authentication. Smart phones, tablets and laptops are all affected by this vulnerability.

The NSO Group spokesperson does not deny the development of such a feature but they claim not to provide any hacking or data collection programs to any government other than law enforcement purposes. and legal intelligence.

Prior to this information, Apple did not deny the existence of tools such as Pegasus, and said such programs could only execute attacks aimed at a small number of devices but could not penetrate data. wide-ranging data.

Microsoft said it would continue to develop security tools for the service, while Amazon and Google said there was no evidence that their servers were violated.

Appeared software can penetrate iCloud, Google Drive Picture 3 Appeared software can penetrate iCloud, Google Drive Picture 3

NSO Group has repeatedly used malicious code to infiltrate famous platforms and become a familiar name in the security world. NSO's malware scanned iOS in 2016 and caused Apple to rush to release new updates to prevent it.

In May 2019, NSO launched a new malicious code that could exploit WhatsApp's vulnerability, so this encrypted messaging application could be hijacked with just one phone call.