For this discussion, find a recent ( less than one-month-old ) online journal or

Question

For this discussion, find a recent (less than one-month-old) online journal or news article that involves malware. Give the title of the article, the URL for where you found the article, and a brief summary of what the article was about. Then answer the following questions:

What category of propagation was used by the malware?

What payload did the malware deliver?

Who or what did the malware target?

Was the attacker found? if so, what happened to the attacker? What was the motive of the attacker?

Kindly MAKE SURE article is LESS THAN ONE MONTH OLD from the Current time now

Explanation / Answer

Title: Android version of iOS malware used in targeted attacks discovered

URL: http://www.csoonline.com/article/3187464/security/android-version-of-ios-malware-used-in-targeted-attacks-discovered.html

Date: 03- Apr -2017

Summary : Researchers at Lookout and Google have identified an Android variant of custom malware originally detected in targeted attacks against iOS. Called Pegasus, the malware is used against dissidents in multiple countries, and has full intercept capabilities.

Pegasus was developed for both iOS and Android by NSO Group Technologies. Founded in 2010, NSO Group is an Israeli company specializing in the development and sale of software designed for government surveillance.

Google's name for Pegasus is Chrysaor and the search giant labels it as a PHA or Potentially Harmful Application.

Google says they've detected fewer than three dozen (36) installs on victim devices, in Israel, Georgia, Medico, Turkey, Kenya, Kyrgyzstan, Nigeria, Tanzania, UAE, Ukraine, and Uzbekistan.

Pegasus for Android does not require zero-day vulnerabilities to root the target device and install the malware. Instead, the threat uses an otherwise well-known rooting technique called Framaroot," Lookout explained.

In the case of Pegasus for iOS, if the zero-day attack execution failed to jailbreak the device, the attack sequence failed overall. In the Android version, however, the attackers built in functionality that would allow Pegasus for Android to still ask for permissions that would then allow it to access and exfiltrate data. The failsafe jumps into action if the initial attempt to root the device fails.

What category of propagation was used by the malware?

The Pegasus infection on iOS started with a malicious text message, and leveraged three zero-day vulnerabilities in order to compromise the phone.

What payload did the malware deliver?

Keylogging, screen captures, and remote control via SMS.

Pegasus will also self-destruct if the software senses there is a risk, or if a kill command is issued.

Who or what did the malware target?

The malware targets everything on the target's iPhone, including iMessage, calendar, passwords, Mail.ru, Viber, Facebook, VK, WhatsApp, Telegram, and Skype.

Related Questions

Navigate

• Browse (All)
• Browse F
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.