A NSO Group, an Israeli company that has created malware that takes advantage of a whatsapp loophole, said its new malicious file can collect data from cloud services like Google Drive and ICloud.
Pegasus, as it is called, would have the ability to access user-specific data on Apple, Google, Facebook, Amazon, and Microsoft servers.
Pegasus is the same one that used WhatsApp calls to infiltrate smartphones, a bug promptly corrected by the Whatsapp team, but NSO Group updated the product to capture even more information.
Malware can collect data such as location history, photo and archived messages by accessing cloud services. As it has for years with other malicious files, the Israeli company is already offering the file to governments and intelligence agencies and has said it only offers its products to responsible governments to help prevent terrorist attacks and crimes.
According to the Financial Times, the new version of Pegasus collects data by infiltrating phones to copy the authentication key for cloud services such as Google Drive and iCloud and allows a separate server to log in as if it were a user's phone. The authentication key allows the server unrestricted access to your account without checking or alerting the victim that your account has been accessed by an unknown device. The group said Pegasus works more on current iPhones and Android phones.
To make matters worse, the intrusion will continue to work even after Pegasus is removed from the smartphone. It is only interrupted if the victim changes the account password or cancels the login permission of a particular device.
The price of malware is in the millions of dollars. Malware also stands out for its ability to retrieve keys that open cloud vaults, extract and synchronize data independently.
