Hackers Bypass Apple’s Checks to Deliver Malicious Keyboards Used to Spy on Users: Report

iPhone users could be targeted by malicious keyboards that can bypass Apple’s stringent security checks to spy on user activity, according to a report. While apps that are distributed via the App Store are checked by Apple, these third-party keyboards are installed via another avenue that allows developers to test their apps on iOS. Once installed, these keyboards can be used to discreetly spy on a user and collect their sent messages, passwords, browsing history, bank credentials, and any other text entered on the phone.

Security firm Certo Software reports that third-party keyboards are being distributed by hackers as a form of ‘stalkerware’ — spyware apps or services used to monitor and stalk people online. While it is difficult to distribute these malicious apps via the App Store as Apple scans these apps before they are published, hackers have reportedly begun distributing these apps via TestFlight.

Apple’s keyboard (left) compared with the malicious keyboard
Photo Credit: Certo Software


Apple’s TestFlight service is an online platform that allows developers to invite people to test out unreleased software or run beta tests of their software, before it is published to the App Store. According to Certo Software, hackers are using the same platform to distribute malicious third-party keyboards to people, which can then be installed on an iPhone belonging to an unsuspecting partner, friend, or family member.

Once installed, the keyboard requires another setting to be enabled on the target’s iPhone that allows third-party keyboards to collect a user’s data. By default, no keyboard on iOS is allowed to access the Internet. Once this permission is enabled, the keyboard is able to transmit all keystrokes that are collected — including chat messages, passwords, notes, browsing history, OTP codes, bank credentials, and other information.

A screenshot of one of these keyboards shared by Certo Software illustrates how similar the malicious keyboard appears to Apple’s default keyboard, making it difficult for users to identify such apps on their smartphone. Data captured from the phone can be viewed by a stalker via a web portal, according to the firm.

Information captured from a target’s phone can be viewed via a web portal
Photo Credit: Certo Software


The security firm points out that Apple could implement a notification system — similar to WhatsApp’s new alert that is shown a few hours after a new login — to notify users when a new keyboard is installed on their smartphone.

The security firm says that users can protect themselves from these kinds of software by opening the Settings app and tapping General > Keyboard > Keyboards. You should see the name of the language you type in — for example, English (UK) — and Emoji. Any third-party keyboards you have installed, like SwiftKey or Gboard, will also show up here. If you notice any keyboards you do not recognise, you can use the Edit button to quickly delete them.

Another sign that unauthorised software has been installed on your phone without your permission is if you never installed the TestFlight app but find it in your App Library or in the Settings app. You can also change your device passcode to ensure only you can access your phone, and seek support from online resources if you suspect you are a target of stalkerware on your devices, including your smartphone or computer.


iPhone Lockdown Mode: Proof of Concept Website Can Detect if It is Enabled on Your Phone

iPhone Lockdown Mode was announced by Apple as a way to help people who face grave, targeted threats to their digital security. Apple calls this an extreme but optional protection for a small number of users, including journalists, politicians, and human rights advocates, who are in the crosshairs of state-sponsored spyware like Pegasus, which was developed by the Israel-based NSO Group. However, it looks like a simple proof-of-concept website can detect whether you have the mode enabled, which may potentially make you a target.

As per a report by Motherboard, a proof-of-concept website developed by John Ozbay, a privacy activist and the CEO of privacy-focused company Cryptee, can instantaneously detect whether or not you are using Lockdown Mode on your iPhone.

Apple developed this feature to add a new layer of protection after at least two Israeli firms exploited flaws in Apple’s software to remotely break into iPhones without the target needing to click or tap anything. Pegasus software by NSO Group can carry out such attacks by injecting malware and accessing private user data. Once Lockdown Mode is enabled, the device will not function as it typically does. Apps, websites, and features will be strictly limited for security, and some experiences will be completely unavailable.

“Let’s say you’re in China, and you’re using Lockdown Mode. Now, any website that you visit could effectively detect you are using Lockdown Mode, they have your IP address as well. So, they will actually be able to identify that the user with this IP address is using Lockdown Mode. It’s a tradeoff between security and privacy. [Apple] chose security,” Ozbay was quoted as saying. Ozbay says that among the various features that Lockdown Mode disables, the lack of loading custom fonts is “the easiest thing to detect and exploit.”

“It took us five minutes to put the code together and see if this was working,” he told Motherboard. The privacy activist also says that this issue is technically not a bug but a specific drawback of how Lockdown Mode is designed and there may be no way around it. He says that there is only one way Apple can mitigate this issue and that is by fundamentally changing how the Lockdown Mode works.

Apple claims that Lockdown Mode in iOS 16, iPadOS 16, and macOS Ventura further hardens device defences and strictly limits certain functionalities. iOS 16 is likely to be released next month and iPadOS may debut in October.


Greek Government Rocked by Resignations Amid Long-Simmering Surveillance Scandal

Greece’s conservative government was rocked Friday by a long-simmering surveillance scandal after its intelligence chief and a close aide to Prime Minister Kyriakos Mitsotakis resigned in the space of an hour. Panagiotis Kontoleon offered his resignation due to management “errors” during his time in the role, Mitsotakis’ office said in a statement.

The announcement that Kontoleon had resigned from his position at the head of national intelligence service EYP came less than an hour after the secretary general of the prime minister’s office, Grigoris Dimitriadis, also quit.

The resignations came a week after the leader of the country’s Socialist opposition party, Nikos Androulakis, filed a complaint with the supreme court over “attempted” spying on his mobile phone using Predator malware.

Two Greek journalists have also taken legal action this year after they claimed to have been victims of surveillance.

Androulakis on Friday called for a special investigation by parliament into the incident.

“I never expected the Greek government to spy on me using the darkest practices,” he said.

The government has consistently denied any state involvement, saying it had not bought software of that type, but the rows have sparked an outcry in the country.

Government spokesman Yiannis Economou has said it was “plausible” that individuals used Predator to spy and that all of Europe faced surveillance threats.

In November, Greek minister of state George Gerapetritis had insisted to AFP that there is “no surveillance of journalists in Greece” by the state.

“Greece fully adheres to the values of democratic society and rule of law, especially pluralism and the freedom of the press,” Gerapetritis said.

As such, he argued there was “no need for further action” to verify the alleged monitoring of investigative journalist Stavros Malichudis.

Kontoleon, who was appointed EYP head in 2019 after Mitsotakis’s conservative party won power that year, had implied while in that role that the journalists had been targeted on the order of foreign intelligence services.

Investigative websites Reporters United and Inside Story have accused Dimitriadis — a nephew of Mitsotakis — of being linked to the alleged spying scandals involving Androulakis and Greek financial journalist Thanasis Koukakis.

Dimitriadis on Friday threatened to sue Reporters United and leftist daily Efsyn unless they withdraw a story on the case. Koukakis was also warned to refrain from retweeting the story.

In one of his first acts upon assuming power in 2019, Mitsotakis raised eyebrows by attaching the national intelligence service to his office.

The main opposition party, the left-wing Syriza, called the affair “a huge scandal”. Its leader, former premier Alexis Tsipras, said the resignation of Dimitriadis was “an admission of guilt” and that Mitsotakis himself bore some of the responsibility.

“Mr Mitsotakis must give explanations to the Greek people over his own Watergate,” Tsipras said.

A dystopian, Orwellian reality

Experts note that Predator, originally developed in North Macedonia and subsequently in Israel, can access both messages and conversations.

“A few days ago I was informed by the European Parliament that there was an attempt to bug my mobile phone with Predator surveillance software,” Androulakis told the media as he left a court in Athens on July 26.

“Finding out who is behind these harmful practices is not a personal matter but a democratic duty,” he added.

The European Parliament set up a special service for MEPs to check their phones for illegal surveillance software following hacks using a spyware similar to Predator called Pegasus.

Androulakis used the service for “a precautionary check of his phone on June 28, 2022”.

“From the first check, a suspicious link related to the Predator surveillance tool was detected,” his PASOK party said in a statement.

The software can infiltrate mobile phones to extract data or activate a camera or microphone to spy on their owners.

“Predator is among the most expensive spyware and is out of reach for individuals,” cybersecurity specialist Anastasios Arampatzis told AFP, saying only a state would need its sophisticated security features.

“Security and the protection of one’s private life must be guaranteed by any democratic regime. If a state spies on its citizens, we’re heading towards a dystopian, Orwellian reality.”

Spain’s intelligence chief was sacked earlier this year after it emerged that top politicians — including Prime Minister Pedro Sanchez and Catalan separatists — had been targeted by phone hacking.


Apple to Release New Lockdown Mode to Battle Spyware, Provide Extra Layer of Protection

Apple on Wednesday said it plans to release a new feature called Lockdown Mode this fall that aims to add a new layer of protection for human rights advocates, political dissidents and other targets of sophisticated hacking attacks.

The move comes after at least two Israeli firms have exploited flaws in Apple’s software to remotely break into iPhones without the target needing to click or tap anything. NSO Group, the maker of the Pegasus software that can carry out such attacks, has been sued by Apple and placed on a trade blacklist by US officials.

Lockdown Mode will come to Apple’s iPhones, iPads and Macs this fall and turning it on will block most attachments sent to the iPhone’s Messages app. Security researchers believe NSO Group exploited a flaw in how Apple handled message attachments. The new mode will also block wired connections to iPhones when they are locked. Israeli firm Cellebrite has used such manual connections to access iPhones.

Apple representatives said that they believe the sophisticated attacks the new feature is designed to fight — called “zero click” hacking techniques — are still relatively rare and that most users will not need to activate the new mode.

Spyware companies have argued they sell high-powered technology to help governments thwart national security threats. But human rights groups and journalists have repeatedly documented the use of spyware to attack civil society, undermine political opposition, and interfere with elections.

To help harden the new feature, Apple said it will pay up to $2 million (nearly Rs. 15 crore) for each flaw that security researchers can find in the new mode, which Apple representatives said was the highest such “bug bounty” offered in the industry.

Apple also said it is making a $10 million (nearly Rs. 80 crore) grant, plus any possible proceeds from its lawsuit against NSO Group, to groups that find, expose and work to prevent targeted hacking. Apple said the grant will go to the Dignity and Justice Fund established by the Ford Foundation, one of the largest private foundations in the United States.

© Thomson Reuters 2022
