NSO Group Adds ‘MMS Fingerprinting’ Zero-Click Attack to Spyware Arsenal

From darkreading.com

A researcher at Swedish telecom and cybersecurity firm Enea has unearthed a previously unknown tactic that Israel’s NSO Group has made available for use in campaigns to drop its notorious Pegasus mobile spyware tool on mobile devices belonging to targeted individuals worldwide.

The researcher discovered the technique when looking into an entry entitled “MMS Fingerprint” on a contract between an NSO Group reseller and Ghana’s telecom regulator.

The contract was part of publicly available court documents associated with a 2019 lawsuit involving WhatsApp and the NSO Group, over the latter’s exploitation of a WhatsApp flaw to deploy Pegasus on devices belonging to journalists, human rights activists, lawyers, and others globally.

Read more…