How CIA Agents Covertly Steal Data From Hacked Smartphones (Without Internet)

WikiLeaks has today published the 16th batch of its ongoing Vault 7 leak, this time instead of revealing new malware or hacking tool, the whistleblower organisation has unveiled how CIA operatives stealthy collect and forward stolen data from compromised smartphones.

Previously we have reported about several CIA hacking tools, malware and implants used by the agency to remotely infiltrate and steal data from the targeted systems or smartphones.

However, this time neither Wikileaks nor the leaked CIA manual clearly explains how the agency operatives were using this tool.

But, since we have been covering every CIA leak from the very first day, we have understood a possible scenario and have illustrated how this newly revealed tool was being used.

Explained: How CIA Highrise Project Works#

In general, the malware uses the internet connection to send stolen data after compromising a machine to the attacker-controlled server (listening posts), but in the case of

— source thehackernews.com | Swati Khandelwal | Jul 13, 2017

Nullius in verba

---

Advertisement

Spying on Phone Calls via Ear Speaker Vibrations Captured by Accelerometer

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for eavesdropping on a targeted user’s conversations, according to a team of researchers from several universities in the United States. The attack method, named EarSpy, is described in a paper published just before Christmas by researchers from Texas A&M University, Temple University, New Jersey Institute of Technology, Rutgers University, and the University of Dayton. EarSpy relies on the phone’s ear speaker — the speaker at the top of the device that is used when the phone is held to the ear — and the device’s built-in accelerometer for capturing the tiny vibrations generated by the speaker.

— source securityweek.com | Dec 28, 2022

Nullius in verba

---

Emojis are the cave drawings of 2015

Trevor Noah

Nullius in verba

---

People are lying more since the rise of social media and smartphones

Back in 2004, communication researcher Jeff Hancock and his colleagues had 28 students report the number of social interactions they had via face-to-face communication, the phone, instant messaging and email over seven days. Students also reported the number of times they lied in each social interaction. In Hancock’s study, the most lies per social interaction occurred via the technology with all of these features: the phone. The fewest occurred on email, where people couldn’t communicate synchronously and the messages were recorded.

When Hancock conducted his study, only students at a few select universities could create a Facebook account. The iPhone was in its early stages of development, a highly confidential project nicknamed “Project Purple.”

As in Hancock’s study, people told the most lies per social interaction over media that were synchronous and recordless and when communicators were distant: over the phone or on video chat. They told the fewest lies per social interaction via email.

— source theconversation.com | Nov 9, 2021

Nullius in verba

---

Life without a smartphone is getting harder and harder

I’ve always gotten by fine without owning a smartphone – until now. Covid has made my already obsolete 90s-designed Nokia flip-phone nearly useless. I’m suddenly surrounded by QR codes. There are now Airbnb doors I can’t open, cars I can’t start, menus I can’t read. Paper menus have vanished; ordering food has become an ordeal.

At a recent dinner with friends, after some initial chatting, everyone stared at menus on their phones. I sat there for a minute looking around the table and then whispered to my neighbor, discreetly asking to look on. When I eat out alone, I show my flip-phone to the waiter and ask for a proper menu. After an eye-roll, they’ll either bring out a paper menu from some vault in the back or hand me their own phone to use.

It’s awkward when I ask a stranger for directions and they pull out their smart phone, looking at me as if to say, “where’s your phone?” My brother says I’m like a smoker who won’t buy her own pack, but smokes everyone else’s. I never wanted to start smoking at all, but the world is conspiring to make me bum one. If I bought my own, I know I’d be smoking a pack a day.

Americans check their smartphones an average of 96 times a day, which works out to once every 15 minutes. Two-thirds of Americans check their phones 160 times every day. Social

— source theguardian.com | Jen Wasserstein | 4 Nov 2021

Nullius in verba

---

Digital Farm Technology Is Not the Climate Panacea Corporations Want You to Think It Is

Smartphones have revolutionised our way of living. No need to visit a library when looking for information—we just go online. Convenience is convincing. But can digital technology solve all the problems in the world?

The idea of going high-tech in agriculture gained traction as a silver bullet against world hunger and climate breakdown during the corporate-backed UN Food Systems Summit (UNFSS) last month.

“New and innovative technologies such as biotechnologies, precision agriculture and digital agriculture […] need to be harnessed to improve food systems,” in the words of the UNFSS Scientific Group.

Conglomerate

While technology is often associated with the pursuit of comfort and progress, it isn’t always so. Not everyone ends up as a winner.

— source theecologist.org | Astrud Lea Beringer | Oct 19, 2021

Nullius in verba

---

S.Korea fines Google $177 mln for blocking Android customisation

South Korea’s antitrust regulator has fined Alphabet Inc’s Google $176.64 million for blocking customised versions of its Android operating system (OS), in the U.S. technology giant’s second setback in the country in less than a month. The Korea Fair Trade Commission (KFTC) said on Tuesday Google’s contract terms with device makers amounted to an abuse of its dominant market position that restricted competition in the mobile OS market. The bill was passed in late August and it bans app store operators such as Google from requiring software developers to use their payment systems. The requirement had effectively stopped developers from charging commission on in-app purchases.

— source reuters.com | Sep 15, 2021

Nullius in verba

---

An explainer on the Pegasus Spyware

The recent Pegasus Project revelations of about half a lakh people across the world, including several in India, being targeted for cyber surveillance has firmly brought the spotlight on the Pegasus spyware, which is widely understood to be the most sophisticated smartphone attack tool. The revelations also mark the first time that a malicious remote jailbreak exploit had been detected within an iPhone.

Pegasus is a spyware (Trojan/Script) that can be installed remotely on devices running on Apple’s iOS & Google’s Android operating systems. It is developed and marketed by the Israeli technology firm NSO Group. NSO Group sells Pegasus to “vetted governments” for “lawful interception”, which is understood to mean combating terrorism and organised crime, as the firm claims, but suspicions exist that it is availed for other purposes.

NSO Group’s majority ownership vests its co-founders Omri Lavie and Shalev Hulo, and the European private equity fund Novalpina Capital. An American private equity firm,

— source theleaflet.in | Prashant Pandey | 21 Jul 2021

Nullius in verba

---

Digital Evidence in the Shadow of Pegasus

In the recent Arjun Khotkar ruling, the apex court laid down the law relating to section 65B of the Evidence Act, 1872. However, after the Pegasus controversy, coupled with other episodes that reveal how easy it is to invade the electronic devices of any individual, more elaborate directions are needed.

Pegasus, the spyware developed by the Israeli cyber arms firm NSO Group, can easily infect electronic devices such as laptops and mobile phones. It can then read messages, track the location, access the device microphone and camera, etc of an unsuspecting user. It can avoid detection by antivirus and get deactivated remotely.

Considering how sophisticated Pegasus is, the only probable way to deal with this virus is to get rid of the phone. The gravity of the matter is such that after a hacking episode, WhatsApp admitted the data of its users was compromised and filed a suit in

— source theleaflet.in | Abhay Nevagi | 03 Aug 2021

Nullius in verba

---

A Look at How Pegasus Brings the Best of Technology to Achieve the Worst

The NSO Group’s Pegasus spyware adds new layers and unique capabilities to a highly sophisticated and booming surveillance software industry to overcome modern challenges posed by encryption, masking and frequent SIM card replacement.

In this regard, the Pegasus marketing brochure, made public as part of WhatsApp’s filings in a US court case against the Israeli company, provides an insight into the spyware’s tech stack, architecture, and features.

Though this marketing brochure is likely outdated, and thus does not represent the leaps that have likely been taken over the last few years, it still provides an important glimpse into the different layers of data collection, transmission, presentation and analysis built into the spyware.

Dissecting Pegasus: Understanding different layers of the spyware

— source thewire.in | Devesh Kumar | 02/Aug/2021

Nullius in verba

---