Category Archives: 2023

image_pdfimage_print

Telegram and the Information War in Ukraine

Telegram and the information war in Ukraine
Telegram and the Information War in Ukraine written by Jacques Gascuel, inventor of sensitive data safety and security systems, for Freemindtronic. This article may be updated on this subject.

How Telegram Shapes the Information War in Ukraine

In this article, we explore how Telegram and Ukraine’s information warfare are intertwined. We look at how the messaging app is influencing the Russia-Ukraine conflict, and how it can be used for good or evil. We also discuss the benefits and risks of using Telegram, as well as how security and freedom of expression can be enhanced with EviCypher NFC HSM technology.

2024 Digital Security

Why Encrypt SMS? FBI and CISA Recommendations

2024 Digital Security

French Minister Phone Hack: Jean-Noël Barrot’s G7 Breach

2024 Digital Security

Cyberattack Exploits Backdoors: What You Need to Know

2024 Digital Security

Google Sheets Malware: The Voldemort Threat

2024 Articles Digital Security News

Russian Espionage Hacking Tools Revealed

2024 Digital Security Spying Technical News

Side-Channel Attacks via HDMI and AI: An Emerging Threat

How Telegram Influences the Conflict between Russia and Ukraine

Telegram and the information war in Ukraine are closely related. Telegram is a messaging app that offers users a secure and confidential way to communicate, thanks to its end-to-end encryption system. It has a large user base around the world, especially in Eastern Europe, where it plays a vital role in the information war between Russia and Ukraine.

Telegram’s Usage in Ukraine: Updated Statistics

Popularity and Download Trends

According to the report of the research company SimilarWeb, Telegram is the second most downloaded messaging app in Ukraine, after Viber, with 3.8 million downloads in 2021. It is also the fourth most used app in terms of time spent, with an average of 16 minutes per day. Telegram has about 10 million active users in Ukraine, which is almost a quarter of the country’s population.

Telegram’s Role in Ukrainian Media Landscape

Telegram is particularly appreciated by Ukrainians for its channel functionality, which allows to broadcast messages to a large audience. Some of these channels have become influential but controversial sources of information, as their owners and sources are often unknown. Among the most popular channels in Ukraine, we can mention:

  • @Zelenskyi, the official channel of President Volodymyr Zelensky, which has more than 2 million subscribers. It publishes announcements, speeches, interviews and videos of the head of state. It was created in 2019, during Zelensky’s election campaign, who was then an actor and a comedian.
  • @NashyGroshi, the channel of the journalistic project “Our Money”, which has more than 1.5 million subscribers. It publishes investigations, reports and analyses on corruption, abuse of power, political scandals and judicial cases in Ukraine. It was created in 2008, by journalist Denys Bihus, who received several awards for his work.
  • @Resident, the channel of blogger and activist Anatoliy Shariy, which has more than 1.3 million subscribers. It publishes comments, criticisms and sarcasms on the political and social news in Ukraine. He is known for his pro-Russian, anti-European and anti-government positions. He is currently in exile in Spain, where he is wanted by the Ukrainian justice for high treason and incitement to hatred.

These channels illustrate the diversity and complexity of the Ukrainian media landscape, which is marked by the conflict with Russia, the democratic transition, the fight against corruption and the polarization of society. They are also a reflection of the issues and challenges related to the use of Telegram, which can be both a tool of communication, information and manipulation.

Oleksiy Danilov’s Stance on Telegram’s Usage in Ukraine

Concerns Over National Security

Oleksiy Danilov is the secretary of the National Security and Defense Council of Ukraine, the body responsible for coordinating and controlling the activities of the executive bodies in the fields of national security and defense. He is also the head of cybersecurity of the country, and in this capacity, he expressed his reservations about the use of Telegram by Ukrainians. In February 2022, he stated that some anonymous and manipulative Telegram channels represented a threat to national security, and that they should be de-anonymized and regulated. He particularly targeted the channel @Resident, which broadcasts pro-Russian and anti-Ukrainian comments, and which is suspected of being linked to the Russian intelligence services. He also criticized the channel @Zelenskyi, which according to him, is not controlled by the Ukrainian president, but by advisers who seek to influence his policy.

Debating Telegram’s Influence in Ukraine

These statements provoked mixed reactions in Ukraine. Some supported Danilov’s position, believing that it was necessary to fight against misinformation and propaganda that undermine the sovereignty and democracy of the country. Others denounced an attempt at censorship and an attack on freedom of expression, recalling that Telegram was one of the few spaces where Ukrainians could access independent and diverse information.

How Telegram Influences the Information War in Ukraine

The Benefits and Risks of End-to-End Encryption

Telegram is a messaging app that lets you send messages, photos, videos, documents, and make voice and video calls. Its privacy policy is based on data encryption and non-cooperation with authorities. You can also create groups and channels that can reach thousands or millions of users.

End-to-end encryption is a technology that makes sure only the people in a conversation can read the messages, not even the service provider. Telegram has this option, but it is not on by default. You have to choose it for each chat, by switching to the “secret chat” mode. However, Telegram’s encryption is not based on standard protocols, and security experts have found some flaws.

Anonymous Channels and Their Impact on the Ukrainian Conflict

The channels are spaces where an administrator can send messages to a large audience. They can be public or private, and they can have millions of followers. Some channels are influential but controversial sources of information, as their owners and sources are often unknown. The channels can spread misinformation, propaganda, fake news, or violence.

Telegram and Russian propaganda have a strong connection, as many pro-Russian channels use the app to influence the public opinion in Ukraine and other countries. Telegram and the Ukrainian resistance also use the app to communicate and organize their actions against the Russian aggression.

Bots, Payment Services and Unique Usernames: A Double-Edged Sword

Bots are programs that interact with users. They offer services, information, or entertainment. Anyone can create them. They can be part of chats or channels. Bots can be helpful or harmful. They can collect personal data, send spam, or spread viruses.

Payment Services: Handy or Dishonest?

You can also use payment services via Telegram. These features use third-party platforms, such as Stripe or Apple Pay. They need bank or credit card information. Payment services can be handy or dishonest. They can steal sensitive data, scam users, or fund illegal activities.

Unique Usernames: Fun or Troublesome?

Another feature of Telegram is the unique usernames. They let users contact each other easily, without sharing their phone number. Users can create and change them at any time. Unique usernames can be fun or troublesome. They can enable harassment, identity theft, or account sale.

These features of Telegram raise issues of cybersecurity, privacy, end-to-end encryption, and application security. They can be used by bad actors, who want to harm Ukraine or its people. They can also be regulated by the authorities, who want to control the information or access the data of the users.

Telegram and the Information War in Ukraine: A Challenge

One of the main challenges of Telegram and the information war in Ukraine is to balance the freedom of expression and the protection of national security. Telegram and the Ukrainian conflict are closely intertwined. The app is used by both sides to communicate, inform, and influence. Telegram and Russian propaganda have a strong connection. Many pro-Russian channels use the app to sway the public opinion in Ukraine and other countries. Telegram and the Ukrainian resistance also use the app to coordinate and organize their actions against the Russian aggression. Telegram and cybersecurity in Ukraine are also crucial. The app can be a source of threats or a tool of defense.

Telegram VS Other Messaging Apps: A Comparative Analysis

WhatsApp: Popular but Questionable Confidentiality

WhatsApp is the most popular messaging app in the world, with more than 2 billion users. It offers end-to-end encryption by default for all conversations, which guarantees the protection of data. However, it belongs to Facebook, which has a dubious reputation in terms of respect for privacy, and which has raised fears about the sharing of data with other applications of the group. WhatsApp is also subject to the requests of the authorities, who can demand access to the metadata, such as the phone number, the IP address or the location of the users.

Signal: High Security but Limited User Base

Signal is a messaging app that claims to be the most secure and confidential on the market. It also offers end-to-end encryption by default for all conversations, and it does not collect any personal data. It is developed by a non-profit organization, which does not depend on advertising or investors. It is recommended by personalities such as Edward Snowden or Elon Musk. Signal is however less popular than WhatsApp or Telegram, with about 50 million users. It also offers fewer features, such as file sharing, information channels, bots or payment services.

Telegram: Innovative but Security Concerns

Telegram is between these two apps, offering more features than Signal, but less security than WhatsApp. Telegram allows users to choose the level of encryption and privacy they want, by opting for the “secret chat” mode or the “normal chat” mode. Telegram also allows users to enjoy innovative services, such as channels, bots, payments or unique usernames. However, Telegram also presents risks, such as fakes news, inappropriate content, privacy breaches or cyberattacks. Telegram is therefore an app that offers advantages and disadvantages, and that requires vigilance and discernment from users.

Telegram’s Global Perception and Regulation

Russia: Origin and Opposition

Russia is the country of origin of Telegram, but also its main adversary. The Kremlin tried to block the app in 2018, invoking reasons of national security and fight against terrorism. It demanded that Telegram provide it with the encryption keys to access the messages of the users, which Pavel Durov refused. It then ordered the telecom operators to block access to Telegram, but this measure proved ineffective, as Telegram used cloud servers to bypass the blocking. Many Russian users also use VPNs or proxies to access the app. In 2020, the Kremlin finally lifted the ban on Telegram, acknowledging its failure and stating that the app had cooperated with the authorities to remove extremist content. However, some observers suspect that Telegram made concessions to the Kremlin to lift the blocking, such as collaborating with the Russian services or censoring some channels.

France: Striving for Digital Regulation

France is a country that wants to be at the forefront of the regulation of digital platforms, especially in terms of fighting online hate. It adopted in 2020 a law that obliges the platforms to remove illegal content, such as incitement to violence, discrimination or terrorism, within 24 hours, under penalty of financial sanctions. This law also applies to messaging apps, such as Telegram, which must set up reporting and moderation mechanisms for content. France recognizes the right of users to privacy and end-to-end encryption, but it also asks the service providers to cooperate with the law enforcement to access the encrypted data when needed. France is also a country where Telegram is used by radical groups, such as jihadists or yellow vests, who take advantage of the app to organize, mobilize or defend themselves.

Ukraine: Balancing Utility and Risks

Ukraine is a country that has an ambivalent attitude towards Telegram, recognizing its usefulness, but also its dangers. On the one hand, Telegram is a source of information and a tool of resistance for many Ukrainians, who face the threat of Russian aggression and the challenges of democratic transition. On the other hand, Telegram is also a vector of misinformation and propaganda, which can undermine the sovereignty and stability of the country. Ukraine does not have a specific law to regulate Telegram, but it has some legal provisions to protect national security and public order, which can be used to restrict or block the app if necessary. Ukraine also cooperates with international organizations, such as the EU or NATO, to counter the cyber threats and the hybrid warfare that target the country.

EviCypher NFC HSM: Enhancing Telegram’s Security

The Role of Contactless Encryption Technology

One of the main challenges of using Telegram is to ensure the security and confidentiality of the data exchanged, especially in a context of information war. To meet this challenge, a possible solution consists of using EviCypher NFC HSM technology, which is a contactless encryption technology developed by Freemindtronic, an Andorran company specializing in the design of counter-espionage solutions implementing in particular contactless security with NFC technology. EviCypher NFC HSM uses two types of encryption algorithms for data:

  • Symmetric encryption in AES-256 for data such as texts (messages), thanks to its sub-technology EviCrypt. It uses a unique key, which is randomly generated and segmented into several parts. This key is used to encrypt and decrypt messages with the AES 256-bit algorithm.
  • Asymmetric encryption in RSA-4096 for symmetric encryption keys. It uses a pair of keys, which is generated and used from the NFC HSM device and which is based on the RSA 4096-bit algorithm. This pair of keys is used to share the symmetric key of at least 256 bits between the NFC HSM devices remotely, by encrypting the symmetric key with the public key of the recipient and decrypting the symmetric key with the private key of the recipient. The symmetric key is then stored and re-encrypted in the NFC HSM device of the recipient, with the trust criteria imposed by the sender if he has encapsulated them in the shared encryption key.

Practical Applications of EviCypher NFC HSM

EviCypher NFC HSM is a technology that uses hardware security modules (HSM) to store and use encrypted secrets. It allows contactless encryption with the NFC communication protocol. You can integrate the NFC HSM into various media, such as a card, a sticker, or a key ring. Then, you can pair it with an NFC phone, tablet, or computer. This way, you can encrypt everything before using any messaging service, including Telegram. EviCypher NFC HSM also has anti-cloning, anti-replay, and counterfeit detection mechanisms. It is part of the DataShielder product range, which offers serverless and databaseless encryption solutions.

Telegram and the Ukrainian conflict

EviCypher NFC HSM is compatible with Telegram, a messaging app that influences the information war between Russia and Ukraine. It offers more security and confidentiality than Telegram’s end-to-end encryption, which is not based on recognized standards. It also gives you more flexibility and control than Telegram’s secret chat mode, as you can choose the trust criteria for the encryption keys. Moreover, it is more convenient and simple than Telegram’s normal chat mode, as you can encrypt and decrypt messages with a simple gesture.

Telegram and cybersecurity in Ukraine

EviCypher NFC HSM is a useful technology with Telegram, as it enhances the security and confidentiality of the data exchanged, especially in a context of information war. It is also a universal technology, as you can use it with any other messaging app, such as WhatsApp, Signal, Messenger, etc. It is also an innovative technology, as it uses the NFC communication protocol to perform contactless encryption, without requiring any connection or installation.

Concluding Insights on Telegram’s Role in Ukraine

In this article, we have seen how Telegram plays a vital role in the information war between Russia and Ukraine, and what issues and challenges there are in using this messaging app. We have also seen how the technology EviCypher NFC HSM can be a useful solution to enhance the security and confidentiality of the data exchanged with Telegram. We hope that this article has been informative and interesting for you, and that it has helped you to better understand the situation of Telegram in Ukraine and in other countries. Thank you for reading.

Overview of Cited Sources

Here are the sources of the article, which are valid, reliable, relevant and if possible official links that allow to justify and verify the statements made in this article:

  • [Liga.net]: the news site that published the interview of Oleksiy Danilov on November 2, 2023, in which he expresses his concerns about Telegram.
  • [NV.ua]: the news site that reported the statement of Oleksiy Danilov, who alerted the nation to the critical vulnerabilities of Telegram, on November 2, 2023.
  • [RT – Pravda]: the Ukrainian news site that related the remarks of Oleksiy Danilov, who answered the questions of journalists during a press conference on November 3, 2023.
  • [Number of Telegram Users in 2023? 55 Telegram Stats (backlinko.com)]: an article that gives figures on the use of Telegram in the world and in Ukraine.
  • [NV.ua -NSDC]: the official website of the National Security and Defense Council of Ukraine, which published the press release of Oleksiy Danilov, who clarified his recent comments on Telegram, on November 15, 2023
  • [Ukrainians turn to encrypted messengers, offline maps and Twitter amid Russian invasion]: an article that describes how Ukrainians use Telegram and other digital tools to protect themselves and get informed in the face of the Russian aggression.
  • [Pravda – France 24]: the French news site that contains a video of the interview of Oleksiy Danilov with the journalist Gulliver Cragg, dated January 23, 2023.
  • [NFC HSM Technology – Freemindtronic]: an article that explains the NFC HSM technologies and how they work.
  • [EviCypher NFC HSM technology – Freemindtronic]: a page that contains articles and videos on the NFC HSM technologies.
  • [FAQ for the Technically Inclined – Telegram APIs]: a page that provides technical information about the Telegram APIs and the MTProto protocol.

5Ghoul: 5G NR Attacks on Mobile Devices

5Ghoul: 5G NR Attacks on Mobile Devices
5Ghoul Attacks on Mobile Devices written by Jacques Gascuel, inventor of sensitive data safety and security systems, for Freemindtronic. This article may be updated on this subject.

5Ghoul: A Threat to 5G Security

5G has benefits, but also risks. 5Ghoul is a set of 5G NR flaws that affect Qualcomm and MediaTek modems, used by most 5G devices. 5Ghoul can disrupt or make unusable smartphones, routers and modems 5G. In this article, we will see what 5Ghoul is, how it compares to other 5G attacks, and how to protect yourself with contactless encryption, which uses NFC.

2023 Articles Cardokey Eco-friendly EviSwap NFC NDEF Technology GreenTech

NFC Business Cards with Cardokey free for life: How to Connect without Revealing

2023 Articles Cyberculture EviCore HSM OpenPGP Technology EviCore NFC HSM Browser Extension EviCore NFC HSM Technology Legal information Licences Freemindtronic

Unitary patent system: why some EU countries are not on board

Andorran law

Llei 26/2014 del 30 d’octubre de patents

Articles Crypto Currency Cryptocurrency Digital Security EviPass Technology NFC HSM technology Phishing

Ledger Security Breaches from 2017 to 2023: How to Protect Yourself from Hackers

5Ghoul: How Contactless Encryption Can Secure Your 5G Communications from Modem Attacks

5Ghoul is a set of 5G NR vulnerabilities that affect Qualcomm and MediaTek modems. These flaws allow to launch denial-of-service attacks or degrade the quality of the 5G network.

What is 5Ghoul?

5Ghoul is a set of 14 5G NR (New Radio) vulnerabilities, the protocol that governs the communication between 5G devices and base stations (gNB). Among these vulnerabilities, 10 are public and 4 are still confidential. They were discovered by researchers from the Singapore University of Technology and DesignSingapore University of Technology and Design.

The 5Ghoul vulnerabilities exploit implementation errors in Qualcomm and MediaTek modems, which do not comply with the specifications of the 5G NR protocol. They allow an attacker to create a fake base station, which pretends to be a legitimate one, and send malicious messages to 5G devices that connect to it. These messages can cause errors, crashes or infinite loops in the modems, resulting in denial-of-service attacks or degradations of the quality of the 5G network.

Which devices are affected by 5Ghoul?

The researchers tested the 5Ghoul vulnerabilities on 714 models of 5G smartphones from 24 different brands, including Lenovo, Google, TCL, Microsoft, etc. They also tested routers and modems 5G from various manufacturers. They found that the 5Ghoul vulnerabilities affect all 5G devices equipped with Qualcomm and MediaTek modems, which account for more than 90% of the market.

What are the impacts of 5Ghoul?

The impacts of 5Ghoul depend on the vulnerability exploited and the type of device targeted. The researchers classified the 5Ghoul vulnerabilities into three categories, according to their severity:

Level 1 vulnerabilities

Level 1 vulnerabilities are the most severe. They allow to render 5G devices completely unusable, by locking them in a state where they can neither connect nor disconnect from the 5G network. These vulnerabilities require a manual reboot of the devices to be resolved. Among the level 1 vulnerabilities, there is for example the CVE-2023-33043, which causes a crash of the Qualcomm X55/X60 modem by sending an invalid MAC/RLC message.

Level 2 vulnerabilities

Level 2 vulnerabilities are less critical, but still harmful. They allow to degrade the quality of the 5G network, by reducing the throughput, latency or stability of the connection. These vulnerabilities can be resolved by reconnecting to the 5G network. Among the level 2 vulnerabilities, there is for example the CVE-2023-33044, which causes packet loss on the MediaTek T750 modem by sending an invalid RRC message.

Level 3 vulnerabilities

Level 3 vulnerabilities are the least dangerous. They allow to disrupt the normal functioning of 5G devices, by displaying error messages, modifying settings or triggering alerts. These vulnerabilities have no impact on the quality of the 5G network. Among the level 3 vulnerabilities, there is for example the CVE-2023-33045, which causes an error message on the Qualcomm X55/X60 modem by sending an invalid RRC message.

How to protect yourself from 5Ghoul?

The researchers informed the manufacturers of Qualcomm and MediaTek modems of the 5Ghoul vulnerabilities, as well as the 5G network operators and the 5G device manufacturers. They also published a demonstration kit of the 5Ghoul vulnerabilities on GitHub, to raise awareness among the public and the scientific community of the risks of 5G NR.

To protect yourself from 5Ghoul, 5G device users must update their modems with the latest security patches, as soon as they are available. They must also avoid connecting to unreliable or unknown 5G networks, which could be fake base stations. In case of doubt, they can disable 5G and use 4G or Wi-Fi.

How 5Ghoul compares to other 5G attacks?

5Ghoul is not the first security flaw that affects 5G. Other 5G attacks have been discovered in the past, exploiting weaknesses in the protocol or in the equipment. Here are some examples of 5G attacks and their differences with 5Ghoul:

ReVoLTE

ReVoLTE is an attack that allows to listen to voice calls 4G and 5G by exploiting a vulnerability in the encryption of data. This vulnerability is due to the fact that some base stations reuse the same encryption key for multiple communication sessions, which allows an attacker to decrypt the content of the calls by capturing the radio signals.

It is different from 5Ghoul because it does not target the 5G modem, but the encryption of data. ReVoLTE also requires that the attacker be close to the victim and have specialized equipment to intercept the radio signals. ReVoLTE does not cause denial of service or degradation of the network, but it compromises the confidentiality of communications.

ToRPEDO

ToRPEDO is an attack that allows to locate, track or harass mobile phone users 4G and 5G by exploiting a vulnerability in the paging protocol. This protocol is used to notify mobile devices of incoming calls or messages. By sending repeated messages to a phone number, an attacker can trigger paging messages on the network, and thus determine the position or identity of the target device.

It is different from 5Ghoul because it does not target the 5G modem, but the paging protocol. ToRPEDO also requires that the attacker knows the phone number of the victim and has access to the mobile network. ToRPEDO does not cause denial of service or degradation of the network, but it compromises the privacy of users.

IMP4GT

IMP4GT is an attack that allows to degrade the quality of the 5G network by exploiting a vulnerability in the security protocol. This protocol is used to authenticate and encrypt the communications between 5G devices and base stations. By modifying the messages exchanged between the two parties, an attacker can mislead the network and the device on the level of security required, and thus reduce the throughput or latency of the connection.

It is different from 5Ghoul because it does not target the 5G modem, but the security protocol. IMP4GT also requires that the attacker be close to the base station and have equipment capable of modifying the messages. IMP4GT does not cause denial of service or crash of the modem, but it degrades the quality of the network.

SS7

SS7 is a set of signaling protocols used by mobile operators to establish and manage calls and messages between different networks. SS7 has existed since the 1970s and has not evolved much since, making it vulnerable to hacking attacks. By exploiting the flaws of SS7, an attacker can intercept SMS and voice calls, locate and track users, bypass two-factor authentication, or subscribe subscribers to paid services without their consent.

It is different from 5Ghoul because it does not target the 5G modem, but the signaling protocol. SS7 affects all types of mobile networks, including 5G, because it still uses SS7 for some functions, such as mobility management or compatibility with 2G and 3G networks. SS7 requires that the attacker has access to the signaling network, which is not easy to obtain, but not impossible. SS7 does not cause denial of service or crash of the modem, but it compromises the confidentiality and integrity of communications.

How and why to encrypt SMS, MMS and RCS without contact?

Contactless encryption is a method of protecting mobile communications that uses NFC (Near Field Communication) technology to establish a secure connection between two devices. NFC is a wireless communication protocol that allows to exchange data by bringing two compatible devices within a few centimeters of each other.

Contactless encryption relies on the use of an external device called NFC HSM (Hardware Security Module), which is a hardware security module that stores and manages encryption keys. The NFC HSM comes in the form of a card, a keychain or a bracelet, that the user must bring close to his phone to activate the encryption. The NFC HSM communicates with the phone via NFC and transmits the encryption key needed to secure the messages.

The technologies EviCore NFC HSM and EviCypher NFC HSM are examples of contactless encryption solutions developed by the Andorran company Freemindtronic. EviCore NFC HSM is a hardware security module that allows to encrypt SMS, MMS and RCS (Rich Communication Services) end-to-end, meaning that only the recipients can read the messages. EviCypher NFC HSM is a hardware security module that allows to encrypt multimedia files (photos, videos, audio, etc.) and share them via SMS, MMS or RCS.

Contactless encryption has several advantages over conventional encryption of mobile communications:

It offers a higher level of security, because the encryption key is not stored on the phone, but on the NFC HSM, which is more difficult to hack or steal.

It is compatible with all types of mobile networks, including 5G, because it does not depend on the communication protocol used, but on NFC.

It is easy to use, because it is enough to bring the NFC HSM close to the phone to activate the encryption, without having to install a specific application or create an account.

It is transparent, because it does not change the appearance or functioning of the messages, which remain accessible from the native application of the phone.

Statistics on 5Ghoul

How widespread are 5Ghouls? What are the trends and impacts of these flaws? Some statistics on 5Ghoul, based on sources and data that are a priori reliable.

5Ghoul: a threat to 5G devices

5Ghoul is a set of 5G NR vulnerabilities that affect Qualcomm and MediaTek modems, which are used by most 5G devices on the market. According to the researchers who discovered 5Ghoul, these vulnerabilities can cause denial-of-service attacks or network degradations.

  • How many 5G devices are affected by 5Ghoul? According to a report by Counterpoint Research, Qualcomm and MediaTek accounted for 79% of the global smartphone chipset market in Q3 2020. Qualcomm had a 39% share, while MediaTek had a 40% share. Assuming that all Qualcomm and MediaTek chipsets are vulnerable to 5Ghoul, this means that nearly 8 out of 10 smartphones are potentially at risk.
  • How many 5G NR vulnerabilities are known? According to the CVE (Common Vulnerabilities and Exposures) database. There are 16 CVE entries related to 5G NR as of April 2021. Four of them are ZeroDay vulnerabilities that have not been publicly disclosed nor fixed by the manufacturers. These vulnerabilities are classified as level 1 or 2, meaning that they can cause denial-of-service attacks or network degradations.
  • How many 5G attacks have been reported? According to the SANS Internet Storm Center, there have been no reports of 5Ghoul attacks in the wild as of April 2021. However, this does not mean that 5Ghoul is not exploited by malicious actors. The researchers who discovered 5Ghoul have developed a proof-of-concept tool called 5Ghoul-Scanner, which can detect and exploit 5Ghoul vulnerabilities. They have also released a video demonstration of 5Ghoul attacks.

Conclusion

5Ghoul is a security flaw that affects 5G modems from Qualcomm and MediaTek, which are used by most 5G devices on the market. 5Ghoul allows an attacker to disrupt the functioning of smartphones, routers and modems 5G, or even make them unusable. 5Ghoul stands out from other 5G attacks known, such as ReVoLTE, ToRPEDO, IMP4GT or SS7, by the fact that it targets the 5G modem, that it does not require secret information or specialized equipment, and that it causes denial-of-service attacks or degradations of the network. To protect yourself from 5Ghoul, 5G device users must update their modems with the latest security patches, and avoid connecting to unreliable or unknown 5G networks.

The American Intelligence: How It Works

The American Intelligence How It Works : Section 702
Learn more about the American Intelligence written by Jacques Gascuel, inventor of sensitive data safety and security systems, for Freemindtronic. This article may be updated on this subject.

The American intelligence: a paradox

The American intelligence is powerful and influential, but also faces limits and challenges. Discover how it works, what are its consequences, and how to protect yourself from it.

2023 Articles Cardokey Eco-friendly EviSwap NFC NDEF Technology GreenTech

NFC Business Cards with Cardokey free for life: How to Connect without Revealing

2023 Articles Cyberculture EviCore HSM OpenPGP Technology EviCore NFC HSM Browser Extension EviCore NFC HSM Technology Legal information Licences Freemindtronic

Unitary patent system: why some EU countries are not on board

Andorran law

Llei 26/2014 del 30 d’octubre de patents

Articles Crypto Currency Cryptocurrency Digital Security EviPass Technology NFC HSM technology Phishing

Ledger Security Breaches from 2017 to 2023: How to Protect Yourself from Hackers

The American Intelligence: How It Works, Its Limits and Consequences

The American intelligence is one of the most powerful and influential in the world. It has a vast network of agencies, resources, and allies that enable it to collect, analyze, and act on information of strategic interest. However, the American intelligence also faces challenges and criticisms, both internally and externally. In this article, we will explore how the American intelligence works, what are its limits, and what are the consequences of its actions for the global security and privacy.

How the American Intelligence Works

The American intelligence is composed of 18 agencies that form the Intelligence Community (IC). These agencies are divided into two categories: the civilian agencies, which are under the supervision of the Director of National Intelligence (DNI), and the military agencies, which are under the supervision of the Secretary of Defense.

The main civilian agencies are:

  • The Central Intelligence Agency (CIA), which is responsible for collecting, analyzing, and disseminating foreign intelligence, as well as conducting covert operations and paramilitary activities.
  • The National Security Agency (NSA), which is responsible for collecting, processing, and disseminating signals intelligence (SIGINT), as well as conducting cyber operations and protecting the US government’s communications and information systems.
  • The Federal Bureau of Investigation (FBI), which is responsible for collecting, analyzing, and disseminating domestic intelligence, as well as conducting counterintelligence, counterterrorism, and law enforcement activities.
  • The National Geospatial-Intelligence Agency (NGA), which is responsible for collecting, analyzing, and disseminating geospatial intelligence (GEOINT), which includes imagery, maps, and other geographic information.
  • The National Reconnaissance Office (NRO), which is responsible for designing, launching, and operating reconnaissance satellites and other space-based systems that provide intelligence to the IC and the Department of Defense (DoD).
  • The Office of the Director of National Intelligence (ODNI), which is responsible for overseeing, coordinating, and integrating the activities of the IC, as well as providing strategic guidance and support to the DNI.

The main military agencies are:

  • The Defense Intelligence Agency (DIA), which is responsible for providing military intelligence to the DoD and the IC, as well as conducting human intelligence (HUMINT), counterintelligence, and defense attaché activities.
  • The National Security Agency/Central Security Service (NSA/CSS), which is responsible for providing SIGINT and cyber support to the DoD and the IC, as well as conducting information assurance and cryptologic activities.
  • The National Geospatial-Intelligence Agency (NGA), which is responsible for providing GEOINT support to the DoD and the IC, as well as conducting geospatial analysis and mapping activities.
  • The National Reconnaissance Office (NRO), which is responsible for providing space-based intelligence support to the DoD and the IC, as well as conducting satellite reconnaissance and surveillance activities.
  • The Military Intelligence Corps (MI), which is responsible for providing tactical and operational intelligence to the Army and the joint force, as well as conducting HUMINT, SIGINT, GEOINT, and counterintelligence activities.
  • The Office of Naval Intelligence (ONI), which is responsible for providing maritime intelligence to the Navy and the joint force, as well as conducting HUMINT, SIGINT, GEOINT, and counterintelligence activities.
  • The Marine Corps Intelligence Activity (MCIA), which is responsible for providing intelligence to the Marine Corps and the joint force, as well as conducting HUMINT, SIGINT, GEOINT, and counterintelligence activities.
  • The Air Force Intelligence, Surveillance, and Reconnaissance Agency (AFISRA), which is responsible for providing intelligence to the Air Force and the joint force, as well as conducting HUMINT, SIGINT, GEOINT, and counterintelligence activities.

The American intelligence works by collecting information from various sources, such as human sources, signals, images, open sources, and others. It then analyzes this information to produce intelligence products, such as reports, assessments, briefings, and forecasts. These products are then disseminated to the relevant consumers, such as the President, the Congress, the military, the policy makers, and the allies. The American intelligence also acts on the information it collects, by conducting operations, such as covert actions, cyber attacks, drone strikes, and special operations.

The Limits of the American Intelligence

The American intelligence, despite its capabilities and resources, is not omnipotent or infallible. It faces several limits and challenges, such as:

  • Legal and ethical limits: The American intelligence is bound by the laws and regulations of the US and the international community, as well as by the values and principles of the American democracy. It must respect the rights and liberties of the American citizens and the foreign nationals, as well as the sovereignty and interests of the other countries. It must also abide by the oversight and accountability mechanisms of the executive, the legislative, and the judicial branches, as well as the public opinion and the media. The American intelligence must balance its need for secrecy and effectiveness with its duty for transparency and legitimacy.
  • Technical and operational limits: The American intelligence is limited by the availability and reliability of the information it collects, as well as by the accuracy and timeliness of the analysis it produces. It must deal with the challenges of information overload, data quality, data security, data privacy, and data sharing. It must also cope with the threats and risks of cyber attacks, counterintelligence, deception, and denial. The American intelligence must balance its need for innovation and adaptation with its need for standardization and coordination.
  • Strategic and political limits: The American intelligence is limited by the complexity and uncertainty of the global environment, as well as by the diversity and dynamism of the actors and issues it faces. It must deal with the challenges of globalization, multipolarity, regionalization, and fragmentation. It must also cope with the threats and opportunities of terrorism, proliferation, rogue states, failed states, and emerging powers. The American intelligence must balance its need for anticipation and prevention with its need for reaction and intervention.

The Consequences of the American Intelligence

The American intelligence has significant consequences for the global security and privacy, both positive and negative, such as:

  • Positive consequences: The American intelligence contributes to the protection and promotion of the national security and interests of the US and its allies, as well as to the maintenance and enhancement of the international peace and stability. It provides valuable information and insights to the decision makers and the operators, as well as to the public and the media. It also conducts effective operations and actions to deter, disrupt, or defeat the adversaries and the threats. The American intelligence plays a key role in the global intelligence cooperation and coordination, as well as in the global governance and leadership.
  • Negative consequences: The American intelligence also poses risks and challenges to the security and privacy of the US and its allies, as well as to the international order and norms. It may collect, analyze, or disseminate information that is inaccurate, incomplete, or biased, leading to errors, failures, or controversies. It may also conduct operations or actions that are illegal, unethical, or counterproductive, leading to violations, scandals, or backlashes. The American intelligence may face competition or conflict with the other intelligence services or actors, as well as with the other stakeholders or interests.

Section 702 of FISA: A Surveillance Without Control

  • On July 17, 2008, the US Congress passed section 702 of the FISA (Foreign Intelligence Surveillance Act), which authorizes the US intelligence agencies to collect the electronic communications of non-Americans located abroad, without a warrant from the FISA judge.
  • On January 19, 2018, the US Congress extended section 702 of FISA until December 31, 2023, without making any substantial changes.
  • On March 22, 2023, the US Congress extended section 702 of FISA again until April 19, 2024, without making any significant changes.
  • On December 16, 2023, the US Congress approved the National Defense Authorization Act (NDAA), which included a four-month extension of section 702 of FISA, avoiding its expiration at the end of the year.

The Violation of the Right to Privacy

  • On June 5, 2013, the whistleblower Edward Snowden revealed the existence of the PRISM program, which allowed the US intelligence agencies to access the data of the users of the main electronic service providers, such as Google, Facebook, Microsoft or Apple.
  • On October 6, 2015, the Court of Justice of the European Union (CJEU) invalidated the Safe Harbor, an agreement that allowed the transfer of personal data between the European Union and the United States, considering that it did not offer an adequate level of protection.
  • On July 16, 2020, the CJEU invalidated the Privacy Shield, the successor of the Safe Harbor, for the same reasons, considering that the risk of interference by the US intelligence services in the transferred data was incompatible with the respect of the fundamental rights of the persons concerned.
  • On July 31, 2023, the CJEU issued a ruling that confirmed the invalidity of the Privacy Shield and imposed strict conditions for the transfer of personal data to third countries, especially the United States, under the standard contractual clauses (SCCs) or the binding corporate rules (BCRs).

The Legal and Political Consequences

  • On October 24, 2013, the European Parliament adopted a resolution that condemned the massive surveillance activities of the US intelligence services and called for the suspension of the cooperation agreements on security and counter-terrorism.
  • On October 23, 2015, the European Parliament adopted another resolution that requested the creation of an independent international tribunal to examine the complaints of the European citizens regarding the surveillance of the US intelligence services.
  • On September 14, 2018, the European Parliament adopted a third resolution that called for the suspension of the Privacy Shield, due to the non-compliance of the commitments made by the United States on the protection of personal data.
  • On August 31, 2023, the European Parliament adopted a fourth resolution that asked the European Commission to propose a new legislation on the protection of personal data in the context of cross-border data flows, which would guarantee a level of protection equivalent to that of the general data protection regulation (GDPR).

Sources:

Congress passes temporary extension of FISA Section 702 surveillance program – Axios:

The Court of Justice invalidates Decision 2016/1250 on the adequacy of the protection provided by the EU-US Data Protection Shield:

FISA Section 702: What it is and why Congress is debating it – NBC News

New technologies and products that limit the possibilities of intelligence

Facing the capabilities of collection and analysis of the American intelligence, which threaten the privacy and sovereignty of individuals and countries, there are new technologies and products that allow to limit the possibilities of intelligence. These technologies and products use techniques of encryption, cryptography, blockchain or NFC to protect personal data and electronic communications. They offer an alternative to traditional solutions, which are often vulnerable to attacks or interceptions by the American intelligence. Among these technologies and products, we can mention:

  • EviCypher NFC HSM and EviCypher HSM OpenPGP, which are patented technologies in the United States in the field of cybersecurity developed by Freemindtronic SL Andorra, used in counter-espionage products such as DataShielder Defense. They allow to encrypt and decrypt data without contact, thanks to hardware security modules that use NFC technology. They offer compatibility with OpenPGP standards, operating without server, without database, with a very high level of flexibility from different removable, fixed and online and offline storage media including NFC HSM.
  • DataShielder DefenseDataShielder Defense, which is a counter-espionage product developed by Freemindtronic SL Andorra, which uses EviCore NFC HSM and EviCore HSM OpenPGP technologies to encrypt and decrypt all types of data and communication services. This product protects sovereign communications, by preventing the American intelligence from accessing personal, professional or state secrets. It also guarantees the sovereignty of users, by making their data anonymous and inviolable.
  • Signal, which is an instant messaging application that uses the Signal protocol, which is an end-to-end encryption protocol that ensures the confidentiality and integrity of messages. This application allows to communicate anonymously and securely, by avoiding the surveillance or censorship of the American intelligence.
  • Tor, which is a decentralized network that uses volunteer relays to route Internet traffic anonymously and encrypted. This network allows to browse the web without leaving traces, by hiding the IP address and location of users. It also allows to access hidden websites, which are not indexed by search engines.

These technologies and products represent examples of innovative solutions that limit the possibilities of the American intelligence and preserve the individual and collective sovereignty. They also illustrate the issues and challenges related to the use of digital technologies in the field of intelligence.

Conclusion

The American intelligence is a complex and dynamic phenomenon that has a significant impact on the world. It has many strengths and weaknesses, as well as many opportunities and threats. It has many achievements and failures, as well as many benefits and costs. It is a source of both security and insecurity, both privacy and surveillance. It is a subject of both admiration and criticism, both cooperation and confrontation. The American intelligence is a paradox that requires a careful and balanced approach.

New EU Data Protection Regulation 2023/2854: What you need to know

New EU Data Protection Regulation 2023/2854: What you need to know
Learn more about the new European Data Protection Regulation (2023/2854) written by Jacques Gascuel, inventor of sensitive data safety and security systems, for Freemindtronic. This article may be updated on this subject.

EU 2023/2854 Data Protection Rules: what you need to know

The EU has adopted a new regulation to protect personal data published in OJ L, 2023/2854 on 22.12.2023. How does this impact you and your business? Learn more in this article and discover why Freemindtronic innovations are already compliant.

2023 Articles Cardokey Eco-friendly EviSwap NFC NDEF Technology GreenTech

NFC Business Cards with Cardokey free for life: How to Connect without Revealing

2023 Articles Cyberculture EviCore HSM OpenPGP Technology EviCore NFC HSM Browser Extension EviCore NFC HSM Technology Legal information Licences Freemindtronic

Unitary patent system: why some EU countries are not on board

Andorran law

Llei 26/2014 del 30 d’octubre de patents

Articles Crypto Currency Cryptocurrency Digital Security EviPass Technology NFC HSM technology Phishing

Ledger Security Breaches from 2017 to 2023: How to Protect Yourself from Hackers

What you need to know about the new EU data protection regulation (2023/2854)

Personal data is a valuable asset in the digital age, but also a vulnerable asset. This is why the European Union has adopted a new regulation to protect the personal data of individuals in the EU. Data

Protection Regulation (EU) 2023/2854 supplements and updates the General Data Protection Regulation (GDPR), which has been in force since 2018. The new regulation introduces additional procedural rules for the application of the GDPR, particularly in cross-border cases. It also creates the European Data Protection Authority (EDPA), a new independent body that ensures the consistent application of EU data protection rules across the EU. The new regulation will come into force on November 26, 2024. In this article, we will explain the main provisions of the new regulation, its advantages and disadvantages, its international scope and its reactions and controversies.

We will also show you how some products and technologies from Freemindtronic, an Andorran company specialized in security and cybersecurity of computer and information systems, already comply with the new regulation, since they offer innovative and ecological solutions to protect the personal data without using servers, databases, online accounts or identifiers.

The main provisions of the EU data protection law

Several measures to ensure the security, confidentiality and integrity of personal data are introduced by the EU data protection law. These measures are:

  • Declaration of the activity and the processing practices. The controllers and the managers of the entities that process personal data must declare them to the national data protection authorities (NDPA) and to EDPA. The EDPA is a new independent body. It oversees the consistent application of the EU data protection rules across the EU. It also cooperates with the NDPA and the other EU institutions. The goal is to ensure the protection of personal data.
  • Implementation of technical and organizational measures. The controllers and the managers of the entities that process personal data must implement them to prevent the risks of damage or loss of data. For example, these measures include the encryption of data, the pseudonymization of data, the limitation of data access, the regular testing of data security, the notification of data breaches, and the appointment of a data protection officer.
  • Reinforcement of the rights of the persons concerned. They have reinforced rights, such as the right of access, the right of opposition, the right of erasure, the right to data portability and the right to restriction of processing. These rights allow the persons to obtain information about the processing of their data, to object to certain types of processing, to request the deletion of their data, to transfer their data to another entity, and to limit the processing of their data in certain cases.
  • Provision of administrative sanctions. The regulation provides them. They can reach up to 20 million euros or 4% of the annual global turnover, depending on the severity of the infringement. The NDPA or the EDPA, depending on the case, impose these sanctions. The national courts or the Court of Justice of the European Union can hear the appeals.

The advantages and disadvantages of the EU data protection reform

The EU data protection reform has pros and cons for different actors involved.

The benefits for the persons whose data are processed

The regulation offers a better protection of their rights and interests. They can control more the use of their data and benefit from a high level of security. Moreover, they have an easy and fast access to the information related to the processing of their data, as well as to the remedies in case of dispute. For instance, a person can request a copy of their data from an online platform. If they find any inaccurate or outdated data, they can ask for a correction or an update. They can also withdraw their consent to the processing of their data at any time, or ask for the deletion of their data if they no longer want to use the platform.

The drawbacks for the controllers and the managers of the entities that process personal data

The regulation imposes additional obligations and stricter constraints on them. They must comply with harmonized rules within the EU, while taking into account the national and regional specificities. Furthermore, they face more severe sanctions in case of non-compliance with the regulation. For example, an entity that processes personal data of persons located in the EU must declare its activity and its processing practices to the NDPA and the EDPA.

It must also obtain the prior consent of the persons for the processing of their data, unless there is a legal basis for the processing. The entity must process the data in a lawful, fair and transparent manner, and collect them for specific, explicit and legitimate purposes. It must also respect the principles of data minimization, data accuracy, data storage limitation, data integrity and data confidentiality.

The international scope of the EU data protection rules

The EU data protection rules have an international scope, as they apply to any entity that processes personal data of persons located in the EU, whether it is established or not in the EU. The regulation therefore requires foreign entities to respect the same rules as European entities, under penalty of sanctions. It aims to ensure an equivalent level of protection for personal data transferred outside the EU.

For this purpose, the regulation establishes different mechanisms to ensure the adequacy of the data protection in the third countries or the international organizations that receive the data. These mechanisms include, for example, the adoption of adequacy decisions by the European Commission, the use of standard contractual clauses, the adherence to binding corporate rules, or the certification by approved schemes.

The reactions and controversies of the EU data protection regulation

The EU data protection regulation has provoked diverse reactions, ranging from approval to contestation.

Positive reactions

Some actors have welcomed the interest of the regulation to strengthen the trust and to foster the technological evolution in the field of data protection. They have highlighted the innovative and ambitious character of the regulation, which places the EU at the forefront of the protection of personal data. For example, the European Data Protection Supervisor (EDPS), the independent advisor of the EU institutions on data protection issues, has praised the regulation as a “historic achievement” and a “major step forward” for the protection of the fundamental rights of the individuals in the digital age.

Negative reactions

Some actors have criticized the obligation to inform the NDPA and the EDPA about the activity and the processing practices of personal data. They have considered that it could infringe their national sovereignty or that it could create a risk of illegal or fraudulent exercise by some foreign entities. They have also expressed their concern about the complexity and the heaviness of the regulation, which could hinder the competitiveness and the growth of the entities that process personal data. For example, some member states, such as France, Germany, Italy or Spain, have raised objections or reservations about certain aspects of the regulation.

These aspects include the role and the powers of the EDPA, the criteria and the procedures for the adequacy decisions, or the level and the distribution of the sanctions.

How Freemindtronic products and technologies protect personal data

Freemindtronic is an Andorran company that specializes in security and cybersecurity of computer systems and information systems. It designs and develops green technology products and services under white label, based on contactless technology (NFC). Some of its products are PassCypher, DataShielder, SeedNFC or Cardokey, which use embedded technologies such as EviCore NFC HSM, EviCore HSM OpenPGP or EviCore NFC HSM Browser Extension.

These products and technologies have several advantages for the protection of personal data, compared to traditional solutions based on servers, databases, online accounts or identifiers. Indeed, they work without server, without database, anonymously from end to end, without the need to create an account on the internet or to identify themselves to use the products. Therefore, they reduce the risks of loss or damage of data, respect the rights of the persons concerned, and comply with the harmonized rules in the EU. These products and technologies of Freemindtronic are already compliant with the European regulation on data protection, because they respect the principles of security, confidentiality and integrity of data, as well as the rights of the persons concerned. They offer an innovative and ecological alternative to traditional solutions, which may present risks or constraints for data protection.

Conclusion

The regulation (EU) 2023/2854 is an important text for the protection of personal data in the EU. It introduces measures to ensure the security, confidentiality and integrity of data, as well as to reinforce the rights of the persons concerned. It applies to any entity that processes personal data of persons located in the EU, whether it is established or not in the EU. It was adopted within the legislative process on the fundamental rights in the EU, but it also provoked reactions and controversies between some member states. It will enter into force on November 26, 2024.

FormBook Malware: How to Protect Your Gmail and Other Data

FormBook Malware: how to protect your gmail and other data
Protect your Gmail Account FormBook malware – Jacques Gascuel: This article will be updated with any new information on the topic.

Secure Your Gmail from FormBook Attacks

FormBook is a malware that can steal your Gmail credentials, messages, and attachments. Learn how to use the Freemindtronic devices to encrypt your Gmail data and use passwordless and 2FA.

2024 Digital Security

Why Encrypt SMS? FBI and CISA Recommendations

2024 Digital Security

French Minister Phone Hack: Jean-Noël Barrot’s G7 Breach

2024 Digital Security

Cyberattack Exploits Backdoors: What You Need to Know

2024 Digital Security

Google Sheets Malware: The Voldemort Threat

2024 Articles Digital Security News

Russian Espionage Hacking Tools Revealed

2024 Digital Security Spying Technical News

Side-Channel Attacks via HDMI and AI: An Emerging Threat

How to Protect Your Gmail Account from FormBook Malware

Introduction

Imagine that you receive an email from your bank, asking you to confirm your identity by clicking on a link. You open the link, and you find yourself on a page that looks like your bank’s website, but it is actually a fake. You enter your credentials, and you think you are done. But in reality, you have just given access to your bank account to hackers, who will use it to steal your money, or worse. This is what FormBook can do, a malware that can steal your sensitive data, and that Google cannot stop. In this article, we will explain what FormBook is, how it works, and how to protect yourself from this malware.

What is FormBook and why is it a threat?

FormBook is a malware that can record your keystrokes, take screenshots, and steal your passwords, cookies, and clipboard data. It can also download and execute other malicious files on your device.

FormBook is distributed through phishing emails that contain malicious attachments. These attachments are usually disguised as invoices, receipts, or shipping confirmations. When you open them, they ask you to enable macros or content. If you do, the malware will be installed on your device.

FormBook can target any web browser, but it has a special feature for Chrome. It can inject a fake Gmail login page into your browser, and trick you into entering your credentials. The malware will then send your Gmail username and password to a remote server controlled by the hackers.

FormBook is a threat because it can compromise your Gmail account and access your personal and professional information. It can also use your Gmail account to send spam or phishing emails to your contacts, or to access other online services that are linked to your Gmail account, such as Google Drive, Google Photos, or Google Pay.

How to protect yourself from FormBook?

Google has not yet found a way to detect and block FormBook. Therefore, you need to be extra careful when you use Gmail and other online services. Here are some tips to protect yourself from FormBook and other malware:

  • Do not open or download attachments from unknown or suspicious senders. If you are not sure about the legitimacy of an email, contact the sender directly or check the official website of the company or organization.
  • Do not enable macros or content in any document unless you trust the source. Macros are small programs that can run malicious code on your device.
  • Use a strong and unique password for your Gmail account and other online accounts. Do not reuse the same password for different services. Change your password regularly and use a password manager to store and generate your passwords.
  • Enable two-factor authentication (2FA) for your Gmail account and other online accounts. 2FA adds an extra layer of security by requiring a code or a device confirmation in addition to your password.
  • Use a reputable antivirus software and keep it updated. Antivirus software can scan your device for malware and remove it. You can also use a browser extension that can block malicious websites and pop-ups.

How to encrypt your Gmail messages and attachments with DataShielder NFC HSM

DataShielder NFC HSM is a device that allows you to encrypt and decrypt your Gmail messages and attachments with your own encryption keys that you create and store offline. It uses the EviCypher NFC HSM technology, which is a contactless hardware security module (NFC HSM) that won the Gold Medal for International Inventions in Geneva on March 2021.

With DataShielder NFC HSM, you can encrypt and decrypt your data with AES-256 keys that are randomly generated and stored in the NFC HSM. You can store up to 100 keys and one pair of RSA-4096 keys in the NFC HSM. You can also use different keys for the message and the attachment.

To encrypt your Gmail message and attachment, you need to use the EviCrypt and EviFile applications that are embedded in the DataShielder NFC HSM. These applications allow you to encrypt and decrypt your data with a simple tap of your NFC phone on the DataShielder NFC HSM. You can also share your encrypted data with other users who have the same device and the same key.

By using DataShielder NFC HSM, you can protect your Gmail messages and attachments from FormBook or any other malware that can access your Gmail account. Even if your Gmail account is hacked, your encrypted data will remain encrypted and unreadable by the hackers. Only you and the authorized recipients can decrypt your data with the DataShielder NFC HSM.

How to protect your web Gmail account with passwordless and 2FA using PassCypher NFC HSM

Do you want to manage your web accounts with complicated and complex passwords that you do not need to know, remember, or type? If yes, then you should try PassCypher NFC HSM. This device uses the EviPass NFC HSM technology, which is a contactless hardware password manager that won the Silver Medal for International Inventions in Geneva on March 2021.

With PassCypher NFC HSM, you can create and store your usernames and passwords of more than 256-bit in the NFC HSM. Moreover, you can store your OTP TOTP or HOTP secret keys in the NFC HSM to generate the 2FA code for your web accounts. The NFC HSM can store up to 100 web accounts and one pair of RSA-4096 keys.

To use PassCypher NFC HSM, you need to install the Freemindtronic extension for your web browser based on Chromium or Firefox. This extension uses the EviCore NFC HSM Browser technology, which allows you to communicate with the NFC HSM via your NFC phone. You also need to use the EviPass and EviOTP applications that are embedded in the PassCypher NFC HSM. These applications allow you to create, edit, and delete your web accounts and OTP secret keys with a simple tap of your NFC phone on the PassCypher NFC HSM.

By using PassCypher NFC HSM, you can secure your web accounts with passwordless and 2FA. You do not need to display, know, or type your username and password. You just need to tap your NFC phone on the PassCypher NFC HSM and the extension will autofill and auto login your web account. You also do not need to check for a typosquatting attack, since the extension will verify the URL of the website before logging in. And you do not need to use another device or application to generate the 2FA code, since the PassCypher NFC HSM will do it for you.

How to protect your Gmail account from FormBook with PassCypher NFC HSM

FormBook is a dangerous malware that can access your Gmail account and other sensitive data. Google has not yet found a solution to stop it. Therefore, you need to be vigilant and follow the best practices to protect yourself from cyberattacks. One of them is to use PassCypher NFC HSM to secure your Gmail account with passwordless and 2FA.

By using PassCypher NFC HSM, you can protect your Gmail account from FormBook or any other malware that can access your web browser. Even if your web browser is hacked, your usernames and passwords will remain encrypted and inaccessible by the hackers. Only you can decrypt your Gmail account with the PassCypher NFC HSM. And even if the hackers manage to steal your session cookies, they will not be able to log in to your Gmail account without the 2FA code that is generated by the PassCypher NFC HSM.

To use PassCypher NFC HSM with your Gmail account, you need to follow these steps:

  • Create a Gmail account in the EviPass application on the PassCypher NFC HSM. You can use the default username and password, or you can generate a random and complex password with the EviPass application.
  • Enable 2FA for your Gmail account on the Google website.
  • Choose the option to use an authenticator app, and scan the QR code with the EviOTP application on the PassCypher NFC HSM. This will store your OTP secret key in the NFC HSM.
  • Log in to your Gmail account with the Freemindtronic extension on your web browser. Tap your NFC phone on the PassCypher NFC HSM and the extension will autofill and auto login your Gmail account. You will also see a pop-up window with the 2FA code that you need to enter on the Google website.

By following these steps, you can use PassCypher NFC HSM to secure your Gmail account with passwordless and 2FA. You can also use PassCypher NFC HSM with other web accounts that support 2FA, such as Facebook, Twitter, or Amazon. This way, you can protect yourself from FormBook and other malware that can access your web browser.

Recent statistics on FormBook

FormBook is a malware that was first discovered in 2016, but it remains very active and dangerous. According to the Check Point report on cybersecurity in 2022, FormBook was the third most widespread malware in 2021, attacking 5% of enterprise networks. It was also the most prolific infostealer malware, accounting for 16% of attacks worldwide.

FormBook spreads mainly through phishing emails that contain malicious attachments. These attachments are often RAR self-extracting archives, which are compressed files that can run malicious code when opened. The RAR files contain a legitimate document, such as a PDF or a Word file, and a hidden executable file, which is the FormBook malware. When the user opens the RAR file, the document is displayed, but the malware is also installed in the background.

FormBook can also spread through other methods, such as drive-by downloads, malicious links, or removable media. The malware can infect any Windows device, from Windows XP to Windows 10. The malware can also evade detection and removal by using various techniques, such as encryption, obfuscation, or anti-analysis.

Here are some recent statistics on FormBook, based on the data from Check Point and ANY.RUN:

  • FormBook was the most popular malware in August 2021, affecting 4.5% of organizations worldwide, followed by Trickbot and Agent Tesla, affecting respectively 4% and 3% of organizations worldwide.
  • FormBook was the fourth most common malware in 2020, according to the ranking of malware families by ANY.RUN. It accounted for 8% of the samples analyzed by the online sandboxing service.
  • FormBook was used in many phishing campaigns targeting various industries, such as defense, aerospace, health, education, finance, retail, etc. It was also used to attack Ukrainian targets during the war between Russia and Ukraine in 2022.
  • FormBook has a successor called XLoader, which appeared in 2020 and which is able to infect macOS users. XLoader is sold on the dark web for $59 for a Windows license and $49 for a macOS license.

Danger level of FormBook compared to other malware

FormBook is a very dangerous malware, because it can steal sensitive information, such as credentials, passwords, credit card numbers, 2FA codes, etc. It can also download and execute other malware, such as ransomware, banking trojans, spyware, etc. It can also remotely control the infected device and perform various malicious actions, such as deleting browser cookies, taking screenshots, restarting or shutting down the system, etc.

FormBook is also hard to detect and remove, because it uses advanced evasion techniques, such as code injection, string obfuscation, data encryption, anti-analysis, etc. It also changes frequently its name, path, and file extension, and uses random Windows registry keys to maintain its persistence.

To compare the danger level of FormBook with other known malware in its category, we can use the following criteria:

  • The number of organizations affected worldwide
  • The type and amount of information stolen
  • The ability to download and execute other malware
  • The ability to remotely control the infected device
  • The evasion techniques used
  • The ease of detection and removal

Here is a table that compares FormBook with other popular infostealer malware, such as Trickbot, Agent Tesla, LokiBot, and Raccoon:

Malware Number of organizations affected Type and amount of information stolen Ability to download and execute other malware Ability to remotely control the infected device Evasion techniques used Ease of detection and removal
FormBook 4.5% in August 2021 Credentials, passwords, credit card numbers, 2FA codes, screenshots, keystrokes, etc. Yes Yes Code injection, string obfuscation, data encryption, anti-analysis, etc. Hard
Trickbot 4% in August 2021 Credentials, passwords, banking information, personal data, etc. Yes Yes Code injection, string obfuscation, data encryption, anti-analysis, etc. Hard
Agent Tesla 3% in August 2021 Credentials, passwords, banking information, personal data, screenshots, keystrokes, etc. No Yes String obfuscation, data encryption, anti-analysis, etc. Medium
LokiBot 1.5% in August 2021 Credentials, passwords, banking information, personal data, etc. No Yes String obfuscation, data encryption, anti-analysis, etc. Medium
Raccoon 0.8% in August 2021 Credentials, passwords, banking information, personal data, etc. No Yes String obfuscation, data encryption, anti-analysis, etc. Medium

From this table, we can see that FormBook is the most dangerous infostealer malware, because it affects the most organizations, steals the most types of information, and can download and execute other malware. It is also the hardest to detect and remove, because it uses more evasion techniques than the other malware.

Forms of attacks of FormBook

FormBook can be delivered through different forms of attacks, depending on the delivery mechanism chosen by the malicious actor. Here are some forms of attacks of FormBook:

  • Phishing: FormBook can be sent by email as a malicious attachment, such as a Word, Excel, PDF, or ZIP or RAR file. The email can have a misleading subject, such as an invoice, a receipt, a contract, a job offer, etc. When the user opens the attachment, the malware runs and infects the device.
  • Exploitation of vulnerabilities: FormBook can exploit vulnerabilities in popular software, such as Microsoft Office, Windows, Adobe Reader, etc. For example, FormBook used the vulnerability CVE-2017-8570 in Microsoft Office to run malicious code from a RTF file. FormBook also used the vulnerability CVE-2021-40444 in Microsoft MSHTML to run malicious code from a CAB file.
  • Drive-by downloads: FormBook can be downloaded without the user’s knowledge when they visit a compromised or malicious website. The website can use a script or an exploit kit to trigger the download and execution of the malware on the user’s device.
  • Removable media: FormBook can be copied to removable media, such as USB drives, external hard drives, memory cards, etc. When the user connects the removable media to their device, the malware runs automatically and infects the device.
  • Social media: FormBook can be spread by messages or posts on social media, such as Facebook, Twitter, Instagram, etc. These messages or posts can contain links or images that redirect to malicious websites or infected files. When the user clicks on the link or image, the malware is downloaded and executed on their device.

Here is a type of formbook malware attacks image:

Type of Formbook MalwareAttacks

How PassCypher NFC HSM and DataShielder NFC HSM can protect you from FormBook attacks

PassCypher NFC HSM and DataShielder NFC HSM are two devices that use the EviPass NFC HSM technology from Freemindtronic, which is a contactless hardware password manager that won the Silver Medal for International Inventions in Geneva on March 2021. These devices can help you protect your web accounts and your Gmail messages and attachments from FormBook attacks, by using passwordless, 2FA, and encryption.

PassCypher NFC HSM can create and store your usernames and passwords of more than 256-bit in the NFC HSM. It can also store your OTP TOTP or HOTP secret keys in the NFC HSM to generate the 2FA code for your web accounts. The NFC HSM can store up to 100 web accounts and one pair of RSA-4096 keys.

DataShielder NFC HSM can encrypt and decrypt your Gmail messages and attachments with your own encryption keys that you create and store offline. It uses the EviCypher NFC HSM technology, which is a contactless hardware security module (NFC HSM) that won the Gold Medal for International Inventions in Geneva on March 2021. It can store up to 100 keys and one pair of RSA-4096 keys in the NFC HSM.

To use PassCypher NFC HSM and DataShielder NFC HSM, you need to install the Freemindtronic extension for your web browser based on Chromium or Firefox. This extension uses the EviCore NFC HSM Browser technology, which allows you to communicate with the NFC HSM via your NFC phone. You also need to use the EviPass, EviOTP, EviCrypt, and EviFile applications that are embedded in the PassCypher NFC HSM and DataShielder NFC HSM. These applications allow you to create, edit, delete, encrypt, and decrypt your web accounts, OTP secret keys, messages, and attachments with a simple tap of your NFC phone on the PassCypher NFC HSM or DataShielder NFC HSM.

By using PassCypher NFC HSM and DataShielder NFC HSM, you can secure your web accounts and your Gmail messages and attachments with passwordless, 2FA, and encryption. You do not need to display, know, or type your username, password, or encryption key. You just need to tap your NFC phone on the PassCypher NFC HSM or DataShielder NFC HSM and the extension will autofill, auto login, encrypt, or decrypt your web account, message, or attachment. You also do not need to use another device or application to generate the 2FA code, since the PassCypher NFC HSM will do it for you.

Here is a table that shows how PassCypher NFC HSM and DataShielder NFC HSM can protect you from different FormBook attack vectors, such as keylogger, password stealer, file transfer, screenshot, etc. I used a check mark or a cross mark to show visually what PassCypher NFC HSM and DataShielder NFC HSM protect.

 

FormBook PassCypher DataShielder
Keylogger ✔️ ✔️
Password stealer ✔️ ✔️
File transfer ✔️
Screenshot ✔️ ✔️
Remote control
Phishing ✔️ ✔️
Exploit kit
Drive-by download
Removable media ✔️
Social media

This table shows that PassCypher NFC HSM and DataShielder NFC HSM can protect your web accounts from FormBook’s keylogger, password stealer, and phishing, by using passwordless and 2FA. They can also protect your Gmail messages and attachments from FormBook’s file transfer and screenshot, by using encryption and decryption. DataShielder NFC HSM can also protect your data stored in computers or removable media, by using encryption and decryption. However, neither device can protect your device from FormBook’s remote control, exploit kit, drive-by download, or unsecured social media, which can compromise your system and your data. Therefore, you should also use an antivirus software and a firewall to prevent FormBook from accessing your device.

Quantum computing RSA encryption: a threat and a solution

Quantum computing RSA encryption
Quantum computing RSA encryption by Jacques Gascuel: This article will be updated with any new information on the topic.

Quantum computers RSA cryptography: how to secure your data

Quantum computers can break RSA encryption, which secures our online data. But there are solutions that are resistant to quantum attacks. One of them is Freemindtronic, an Andorran company that notably uses NFC HSM technology to share AES-256 keys using RSA-4096 encryption, which quantum computers cannot decipher.

2024 Articles Cardokey EviSwap NFC NDEF Technology GreenTech Technical News

NFC vCard Cardokey: Revolutionizing Digital Networking

2023 Articles Cardokey Eco-friendly EviSwap NFC NDEF Technology GreenTech

NFC Business Cards with Cardokey free for life: How to Connect without Revealing

2023 Articles Cyberculture Eco-friendly Electronics GreenTech Technologies

The first wood transistor for green electronics

Eco-friendly GreenTech

Hardware secrets manager Eco-friendly

Quantum computing RSA encryption: a challenge and a solution

Quantum computing RSA encryption is a challenge for online security. Quantum computing is a new way of computing that uses quantum physics. It can do things that classical computers cannot or are too slow to do. One of these things is breaking RSA encryption, which secures data online. RSA encryption is based on the difficulty of factoring large numbers. Quantum computers can factor large numbers faster than classical computers. They use algorithms like Shor’s algorithm, which exploits quantum properties.

However, this threat is not imminent. Building and using quantum computers is still challenging and uncertain. Two recent announcements claimed to have cracked RSA encryption with quantum systems. But they have not been verified. The experts are skeptical and doubtful. They have not provided any evidence or details. They have made unrealistic or too good to be true claims. They have not been peer-reviewed or reproduced.

What is RSA encryption?

RSA encryption is a type of asymmetric encryption. It uses two keys: a public key and a private key. The public key can be shared with anyone, but the private key must be kept secret. They are mathematically related, but it is very hard to find the private key from the public key.

How does RSA encryption work?

RSA encryption uses large prime numbers to generate the keys. The public key and the private key are based on the product of two prime numbers. It is easy to multiply two prime numbers, but very hard to factor their product. For example, 17 x 23 = 391, but finding that 391 = 17 x 23 is much harder.

RSA encryption uses keys that are 2048 or 4096 bits long. These are numbers that have 2048 or 4096 binary digits (0 or 1). They are so large that it would take billions of years for a classical computer to factor them. Therefore, RSA encryption is very secure and widely used for online security.

What is quantum computing and how does it work?

Quantum computing is a new way of computing that uses quantum physics. It can do things that classical computers cannot or are too slow to do. Here is how it works:

  • Qubits: Quantum computers use quantum bits, or qubits. They can be 0 or 1, or both at the same time. This is called superposition. When we measure a qubit, it becomes either 0 or 1. This gives us more information than a classical bit, which is always 0 or 1.
  • Entanglement: Quantum computers can also use entanglement. This is when two qubits share a quantum state and affect each other, even if they are far apart. This allows us to manipulate multiple qubits at once and create complex quantum states.
  • Parallelism: Quantum computers can use these properties to perform parallel computations. This means they can do many calculations at the same time, using fewer qubits than classical bits. This can speed up some tasks that are hard for classical computers.

One of these tasks is breaking RSA encryption, which is based on factoring large numbers. Quantum computers can use a quantum algorithm, called Shor’s algorithm, to factor large numbers faster than classical computers. This can break RSA encryption by finding the private key from the public key. However, this requires a quantum computer with many qubits and low errors, which we do not have yet.

Quantum computing RSA encryption: a challenge and a solution

The ability to find an RSA private key from its public key by a quantum computer poses a serious threat to online security. However, this threat is not imminent, as there are still many challenges and uncertainties in building and using quantum computers. Two recent announcements have claimed to have cracked RSA encryption with quantum systems, but they have not been verified and have been met with skepticism and doubt from the experts. They have not provided any evidence or details of their work. They have made assumptions and claims that seem unrealistic or too good to be true. They have not been peer-reviewed or reproduced by other sources.

How quantum computers can break RSA encryption

RSA encryption is a type of asymmetric encryption. It uses two keys: a public key and a private key. The public key can be shared with anyone, but the private key must be kept secret. They are mathematically related, but it is very hard to find the private key from the public key.

RSA encryption uses large prime numbers to generate the keys. The public key and the private key are based on the product of two prime numbers. It is easy to multiply two prime numbers, but very hard to factor their product. For example, 17 x 23 = 391, but finding that 391 = 17 x 23 is much harder.

RSA encryption uses keys that are 2048 or 4096 bits long. These are numbers that have 2048 or 4096 binary digits (0 or 1). They are so large that it would take billions of years for a classical computer to factor them. Therefore, RSA encryption is very secure and widely used for online security.

Quantum computers can break RSA encryption by finding the prime factors of the composite number that is used to generate the public and private keys. Once the prime factors are known, the private key can be easily calculated from the public key, and the encrypted messages can be decrypted. Quantum computers can use a quantum algorithm, called Shor’s algorithm, to factor large numbers faster than classical computers. Shor’s algorithm can factor a large number in polynomial time, which means that the time it takes to factor a number grows relatively slowly as the number gets larger. In contrast, the best classical algorithms for factoring are exponential, which means that the time it takes to factor a number grows very fast as the number gets larger.

Two claims of breaking RSA encryption with quantum systems

Two recent announcements have raised concerns about quantum computing RSA encryption. One is from a team of Chinese researchers, who published a paper on arXiv in December 2022. They claim to have found a faster way to break RSA encryption with a quantum computer of 372 qubits. They combine a classical algorithm, called Schnorr’s algorithm, with a quantum algorithm, called QAOA (Quantum Approximate Optimization Algorithm). Schnorr’s algorithm is a method of factoring large numbers that uses a probabilistic approach and a lattice reduction technique. QAOA is a method of finding approximate solutions to optimization problems using a quantum computer.

The researchers say that by applying QAOA to the most computationally intensive step of Schnorr’s algorithm, they can reduce the number of qubits and the number of operations needed to factor a large number. They also say that they tested their method on a 10-qubit quantum computer and succeeded in factoring a 48-bit number. They extrapolate that their method can scale to factor a 2048-bit number, which is the standard for RSA encryption.

The other announcement is from a researcher named Ed Gerck, who posted on LinkedIn in November 2023. He claims to have decrypted RSA-2048 encryption, the most used public-key algorithm, with a quantum system implementable on a smartphone or a PC running Linux. He says that he developed a quantum algorithm that can calculate prime numbers faster than Shor’s algorithm and that he proved several mathematical conjectures, such as Goldbach’s conjecture. He published an excerpt of his work, but has not provided any proof or detail of his method.

Both announcements are not verified and have been met with skepticism and doubt from the experts. They have not provided any evidence or details of their work. They have made assumptions and claims that seem unrealistic or too good to be true. They have not been peer-reviewed or reproduced by other sources.

Quantum computing RSA encryption: possible solutions

How to protect RSA encryption from quantum attacks?

However, this announcement is not yet verified, and it raises many questions in the scientific community. It is therefore premature to draw hasty conclusions, and we must wait for the publication of the evidence of his work. It is also possible that RSA encryption can be adapted to resist quantum attacks, for example by increasing the length of the keys, or by using masking techniques. In addition, there are alternatives to RSA encryption, supposed to be more robust against quantum computing. These are post-quantum cryptography algorithms, based on other mathematical problems that are difficult to solve for quantum computers. Post-quantum cryptography is a very active field of research, which aims to anticipate the threats that quantum computers would pose to the security of communications. There are several potential candidates to replace RSA encryption, but they must be evaluated and compared in order to choose the most suitable ones for different needs and constraints. The NIST has launched an international competition to select and standardize the best post-quantum encryption algorithms, which should be ready by 2024.

What are the alternatives to RSA encryption?

Some of the alternatives to RSA encryption that are considered to be more resistant to quantum attacks are:

  • Lattice-based cryptography: This is based on the hardness of finding the shortest vector in a high-dimensional lattice, or the closest vector to a given point. Lattice-based cryptography has the advantage of being fast, versatile, and allowing for advanced features such as homomorphic encryption and digital signatures. Some examples of lattice-based algorithms are NTRU, BLISS, and NewHope.
  • Code-based cryptography: This is based on the hardness of decoding a general linear code, or finding the error vector in a noisy transmission. Code-based cryptography has the advantage of being simple, efficient, and having a long history of security analysis. Some examples of code-based algorithms are McEliece, Niederreiter, and BIKE.
  • Multivariate cryptography: This is based on the hardness of solving a system of multivariate polynomial equations over a finite field. Multivariate cryptography has the advantage of being compact, flexible, and allowing for various applications such as encryption, signatures, and identification. Some examples of multivariate algorithms are Rainbow, HFE, and GeMSS.
  • Hash-based cryptography: This is based on the hardness of finding collisions or preimages for a cryptographic hash function. Hash-based cryptography has the advantage of being simple, provably secure, and relying on minimal assumptions. Some examples of hash-based algorithms are XMSS, SPHINCS, and LMS.

How Freemindtronic protects data with RSA-4096 and NFC technology

Freemindtronic is an Andorran company that specializes in security and cybersecurity of information and computer systems. It designs and develops products and services based on NFC (Near Field Communication) technology, which allows wireless communication at short distance.

The HSM of Freemindtronic: devices that store and protect cryptographic keys

One of the products of Freemindtronic is the HSM (Hardware Security Module), which is a device that stores and protects cryptographic keys. The HSM of Freemindtronic uses two technologies: EviCore HSM OpenPGP and EviCore NFC HSM.

  • EviCore HSM OpenPGP is an implementation of the OpenPGP standard, an open standard for encryption and signature of data. It can manage symmetric and asymmetric encryption keys, both standard and OpenPGP. It can also create HSM on any type of storage device, such as key store, key chain, SD card, SSD, USB drive, NAS, cloud, etc. It can work in fixed, offline, or online mode (LAN/WAN).
  • EviCore NFC HSM is a technology that allows to share AES-256 standard keys using RSA-4096 standard encryption. It works without contact with NFC HSM, which use a pair of RSA-4096 keys for secret sharing (AES-256 encryption keys).

The AES-256 standard: a type of symmetric encryption with high level of security

The AES-256 standard is a type of symmetric encryption, which means that it uses the same key to encrypt and decrypt messages. The AES-256 standard offers a high level of security, as it uses keys that are 256 bits long, which are very hard to crack by brute force. The AES-256 standard is widely used for encrypting data and communications, such as files, emails, or messages.

The RSA-4096 encryption: a type of asymmetric encryption that protects the AES-256 keys from quantum attacks

However, the AES-256 standard requires that the key be securely transmitted between the sender and the receiver, without being intercepted, modified, or forged by an attacker. This is where the RSA-4096 encryption comes in, as it provides a way to protect the AES-256 keys from quantum attacks.

The RSA-4096 encryption is a type of asymmetric encryption, which means that it uses two different keys to encrypt and decrypt messages: a public key and a private key. The public key can be shared with anyone, while the private key must be kept secret. The RSA-4096 encryption uses keys that are 4096 bits long, which are out of reach of the current or future quantum computers. The RSA-4096 encryption can encrypt the AES-256 keys with the public key of the receiver, and decrypt them with the private key of the receiver. Thus, only the receiver can access the AES-256 keys, and use them to encrypt or decrypt the messages. The RSA-4096 encryption can also sign the AES-256 keys with the private key of the sender, and verify them with the public key of the sender. Thus, the receiver can ensure the identity of the sender, and the integrity of the AES-256 keys.

The RSA-4096 encryption is therefore an effective way to protect the AES-256 keys from quantum attacks, as it uses keys that are 4096 bits long, which are out of reach of the current or future quantum computers.

The RSA-4096 encryption is also a practical way to share the AES-256 keys between the HSM, as it uses the NFC technology, which allows wireless communication at short distance. The RSA-4096 encryption is therefore a major asset for the technologies of Freemindtronic, which offer an optimal security for the encryption of data.

Conclusion

Quantum computing is a new paradigm of computing that could break RSA encryption, the most common encryption method on the internet. With only 372 qubits, a quantum computer could break RSA encryption, exposing our online data and communications. However, there are solutions and alternatives that can resist quantum attacks. One of them is Freemindtronic, an Andorran company that uses NFC technology to share AES-256 standard keys using RSA-4096 standard encryption, which is beyond the reach of quantum computers. Freemindtronic’s technologies are based on the EviCore HSM OpenPGP and the EviCore NFC HSM, which are hardware devices that store and protect cryptographic keys. EviCore HSM OpenPGP transforms your smartphone, tablet or computer into a hardware security module compatible with the OpenPGP standard. EviCore NFC HSM allows you to store and use your crypto keys and secrets in a contactless NFC device, such as a card, a sticker, or a keychain. Both technologies offer features such as offline isolation, seamless integration, enhanced user experience, and multi-factor authentication. Therefore, Freemindtronic’s technologies are innovative and secure solutions for data and communication encryption, which can withstand quantum attacks and ensure the privacy and integrity of online activities.

NFC Business Cards with Cardokey free for life: How to Connect without Revealing

Cardokey NFC vCard Business: Edit, Read, and Import Contacts Seamlessly on iPhone.
NFC Business Cards with Cardokey by Jacques Gascuel: This article will be updated with any new information on the topic.

How to Create NFC Business Cards with Cardokey

Do you want to create your contact information in a simple, fast and eco-friendly way? Do you want to use NFC technology without spending a fortune or compromising your privacy? Then you need to read this article about Cardokey, the app that’s revolutionizing NFC business cards.

2024 Articles Cardokey EviSwap NFC NDEF Technology GreenTech Technical News

NFC vCard Cardokey: Revolutionizing Digital Networking

2023 Articles Cardokey Eco-friendly EviSwap NFC NDEF Technology GreenTech

NFC Business Cards with Cardokey free for life: How to Connect without Revealing

2023 Articles Cyberculture Eco-friendly Electronics GreenTech Technologies

The first wood transistor for green electronics

Eco-friendly GreenTech

Hardware secrets manager Eco-friendly

NFC Business Cards: Create your NFC vCard with Cardokey, the Eco-Friendly and Secure NFC App

Are you looking for an eco-friendly way to create contactless business cards? Do you want to benefit from affordable NFC technology and prioritize privacy? You’ll love Cardokey – the app revolutionizing NFC business cards! Cardokey, the NFC business card that connects you while protecting your privacy.

What is Cardokey and how does it work?

Cardokey: Free App for Eco-Friendly NFC Business Cards

You can easily and free create and share your business cards, your social network links or links to your favorite sites for life. Recycle any NFC Tag, NFC Ticket, NFC Sticker or NFC card allowing the use of the NDEF format.
Use of the free Cardokey application is completely anonymous and does not ask for any personal or professional information. You therefore do not need to create an account or identify yourself to use Cardokey.

Cardokey: a compliant and sustainable solution

Cardokey adheres to various standards like ISO/IEC 7816-4, ISO/IEC 14443, NFC Forum Type 2, ISO/IEC 18092, and ISO/IEC 15693 without compromising your privacy or security. It also complies with international data protection laws such as GDPR, PIPEDA, CCPA, and more.

Cardokey is an eco-designed solution that contributes to the UN Goal 12. Consequently, it complies with international standards for eco-responsible practices, circular and solidarity economy, sustainable economy and carbon footprint reduction.

Cardokey: a compatible and versatile app

NFC business cards created with Cardokey are compatible with all NFC phones, Android and iPhone. The application works in real time, offline, without a database, including in airplane mode. This means that you can modify the information contained in the memory of your NFC media at any time. The app also allows you to format any NFC Media to NDEF format and also erase almost all types of NFC chips.

Cardokey: a simple and fast way to share your contact information

Digital business cards created with Cardokey can be shared in seconds. In fact, your interlocutor does not need to download a specific application in order to be able to read the information you wish to share. All he has to do is place the digital business card under his phone equipped with NFC technology to see the information.

How to create an NFC business card with Cardokey that fits the memory size of your NFC media?

The intelligent system of Cardokey

One of the most interesting features of Cardokey is the automatic management of the memory size of forms. The contact form indicates in real time the actual occupancy of the NDEF memory based on the number of characters. The Cardokey user knows the type of vCard information. He can store it according to the memory size. The memory size depends on the NFC media.

The different types of NFC Media and their memory size

It is possible to make a vCard with a minimum of name, surname and email information for a very small NFC memory4. For example, on an NTAG Nano, which has a capacity of 160 bytes and can store NDEF messages of up to 128 bytes, one can store basic information like a person’s name, surname, phone number, and email address.

Or, more complete information can be stored on a ST25TV02K chip, which has a capacity of 256 bytes and can store NDEF messages of up to 224 bytes. In this case, one can include a person’s name, surname, title, organization, phone number, email address, and postal address.

The steps to create an NFC business card with Cardokey

You can create NFC business cards that fit the memory size of your media without losing information. This allows you to optimize the use of your NFC Media and take advantage of their full capabilities.

To create NFC business cards that fit the memory size of your media, simply follow these steps:

  • Open the Cardokey app and choose the type of content you want to create (business card, URL link, social media link).
  • Enter the information you want to share in the contact form. The form tells you in real time how much memory your data is occupying and how much memory is available on your media.
  • Hover your smartphone to the NFC media of your choice. The app writes the data to the NFC media and confirms that the NFC business card has been created successfully.
  • Test your NFC business card by scanning it with your smartphone or another NFC phone. You’ll see the information you’ve shared on the screen.

That’s it, you’ve created an NFC business card adapted to the memory size of your media, thanks to Cardokey’s automatic form memory size management feature

What are the benefits of NFC business cards with Cardokey?

Cardokey is free and anonymous

Cardokey is a free app that lets you create NFC vCard business cards easily. You can create as many NFC business cards as you want, without paying any fees or signing up for any subscriptions. Moreover, Cardokey is completely anonymous and does not ask for any personal or professional information from the user. You don’t need to create an account or fill in any data. Everything works offline, in real-time, without a database.

Cardokey is easy to use

Cardokey is very easy to use, with one-click installation and operation. You don’t need any technical knowledge or specific hardware to create your NFC business cards. All you have to do is download the app on your smartphone, choose the type of content you want to create, enter the information you want to share, and swipe your smartphone on the NFC media of your choice. And there you have it, your NFC business card is ready! Furthermore, Cardokey features an intelligent system that optimizes the NDEF memory management of NFC media. This provides an optimal user experience.

How Cardokey protects your data with EviSwap NFC NDEF technology

The innovative features of EviSwap NFC NDEF technology

Cardokey uses EviSwap NFC NDEF technology by Freemindtronic for cybersecurity. This is an innovative technology that lets you create and share digital contacts contactless for life. With a simple click, you can create NFC business cards on any NFC media, whether it is disposable or not. You can give a new use to NFC tickets, cards, labels, and tags. You can also rewrite your NFC business cards at least a million times without any risk of error. You can use them for more than 40 years without needing a power source.

The standard and secure format of EviSwap NFC NDEF technology

EviSwap NFC NDEF technology is a technology that uses NFC to facilitate data exchange by implementing the NDEF NFC standard. NDEF stands for NFC Data Exchange Format. It is a standardized format that contains structured data, such as contacts, links, texts, images, etc. NDEF files are compatible with most computer and phone terminals, which can read and write them directly on the NFC memory. EviSwap NFC NDEF technology is especially used by Freemindtronic to exchange encrypted data from human to human from an NFC media, ensuring data security and privacy.

The performance and durability of EviSwap NFC NDEF technology for industrial chips

EviSwap NFC NDEF technology is also compatible with all NFC NDEF media, but it has the advantage of being optimized for Freemindtronic’s NFC HSM industrial chips. These chips can operate in a wide range of temperatures, from -40°C to +85°C. They can withstand harsh environments and resist shocks, vibrations, and water. They are ideal for applications that require reliability and robustness, such as logistics, manufacturing, or security. Moreover, EviSwap NFC NDEF technology is optimized to exchange the largest quantity of information stored in a large NFC memory. For example, it is possible to store NDEF messages of up to 7.9 kilobytes on an M24LR64E-R chip, which has a capacity of 8 kilobytes. In this case, one can add all types of vCard data as well as security keys, digital signature keys and other custom data.

Cardokey: the anonymous and reusable solution for creating NFC business cards

Cardokey is a secure and reusable solution. The Cardokey app works anonymously. It is not connected to a remote service. It does not store in the phone the data. It does not ask you for any information about the user. Finally, it works in real time in Air Gap Network Security . The EviSwap technology also includes an intelligent system to optimize the memory management of NFC media. The goal is to improve the user experience. The intelligent system informs the user in real time of the limits imposed by the maximum size of the NDEF memory available in the media. This allows you to easily store data according to the memory size.

Cardokey, an eco-friendly application

Cardokey isn’t just a universal app for people worldwide; it’s also eco-friendly, allowing you to recycle NFC media and reduce their environmental impact.

How Cardokey recycles NFC Media

NFC media, such as tags, cards or bracelets, are made of several elements and materials, such as PET (polyethylene terephthalate), aluminum or copper for the antenna, a silicon NFC chip, gold or other metals, and an adhesive. These materials are not all easily recyclable, and can cause pollution or waste problems. For example, PET is a common plastic, that is used in many consumer products, like water bottles or packaging. Although PET is recyclable, when it is used in large quantities and in the form of an NFC tag, it is hard to separate PET from other components for recycling, and it tends to clog the treatment filters. Moreover, the metal of an NFC antenna is difficult to recover and recycle. Finally, the NFC chip itself contains precious metals, that are often lost during the recycling process.

To avoid these problems, Cardokey offers an innovative and ecological solution: it allows you to recycle NFC media by reusing them to create new NFC business cards. Instead of throwing away your old NFC tags, cards or bracelets, you can transform them into NFC business cards with Cardokey, and give them a new life. You can also use existing NFC media, such as transport tickets, or access badges, and convert them into NFC business cards with Cardokey. You can thus enjoy all the benefits of NFC technology, without generating additional waste.

How Cardokey works with different types of NFC chips

Cardokey recycles all types of NFC chips (1, 2, 3, 4 and 5), regardless of ISO standards (14443, 15693, 18092). It detects chip types and adjusts accordingly for maximum compatibility. For example, Cardokey can read and write to NFC chips that have enough memory to store information, such as NTAG, MIFARE or ICODE chips. However, Cardokey will not be able to format, erase or modify NFC chips that are permanently locked.

How Cardokey helps you create personalized NFC business cards

By using Cardokey, you can recycle NFC media and turn them into personalized NFC business cards, that contain the information you want to share, such as your name, company, title, website, email, phone number, and more. You can also create URL links to documents or presentations that are useful for your business, such as quotes, contracts, portfolios, and more. You can also create pre-configured links to your favorite social networks, such as Deviantart, Discord, Facebook, Flickr, GitHub, ICQ, Instagram, LinkedIn, Mastodon, Medium, Pinterest, Reddit, Skype, Slack, Snapchat, SoundCloud, Spotify, Steam, Telegram, TikTok, Tumblr, Twitch, Twitter, VKontakte, WeChat, WhatsApp, YouTube, etc. Finally, you can manage your data and contacts in the NFC card, edit or delete them at any time, and view them on your phone or card.

How Cardokey contributes to the preservation of the planet

If we consider the 14 languages ​​available in the Cardokey application, this represents more than 3.7 billion potential users. These potential users can each recycle 10 NFC media each year. This represents 37 billion NFC supports annually. This reduces the environmental impact of NFC and helps preserve the planet.

How Cardokey is eco-friendly and compliant

Cardokey is an eco-designed solution that contributes to the UN Goal 12. This goal aims to ensure sustainable consumption and production patterns. It complies with ISO 14001, Basel and WEEE standards. It also follows international standards for eco-responsible practices, circular and solidarity economy, sustainable economy and carbon footprint reduction. In addition, Cardokey complies with various standards and regulations. These include ISO/IEC 7816-4, ISO/IEC 14443, NFC Forum Type 2, ISO/IEC 18092 and ISO/IEC 15693. It also follows international law rules on the protection of private and professional data. These include the General Data Protection Regulation (GDPR), the Personal Information Protection and Electronic Documents Act (PIPEDA), the California Consumer Privacy Act (CCPA), and others.

Unlike other NFC business card solutions, which are often paid, limited, complex or not very environmentally friendly, Cardokey offers you a free, unlimited, simple and eco-designed solution.

Cardokey therefore offers you an innovative and ecological solution to create NFC business cards that look like you and that suit your needs. Thanks to its recycling feature, you can also reuse NFC media and turn them into personalized NFC business cards.

Cardokey: a universal app

Cardokey is designed to let you create and manage your NFC business cards in a simple and efficient way. But did you know that Cardokey is also a universal app, which can be used by people from all over the world, regardless of their language?
Indeed, Cardokey is available in 14 languages: Arabic, Catalan, Chinese, English, French, German, Hindi, Italian, Japanese, Portuguese, Romanian, Russian, Spanish, and Ukrainian. This represents more than 86.02% of the languages spoken in the world, and more than 3.7 billion people who can use the app in their native language or in a language they master.

Moreover, Cardokey automatically adapts to the language of the phone where it is installed. If the user changes the language of their phone, Cardokey will do the same. Thus, you can create and manage your NFC business cards in the language of your choice, and enjoy all the features of the app.

You can also choose to share your information in multiple languages, by creating different profiles for each language. For example, you can have a profile in French for your French-speaking contacts, a profile in English for your English-speaking contacts, and a profile in Chinese for your Chinese contacts.

Cardokey offers you great flexibility and creativity to create NFC business cards that suit you and your needs.

How NFC vCards work

NFC stands for Near Field Communication. It is a technology that allows two media to communicate with each other when they are close to each other. NFC business cards with Cardokey use this technology to share your contact information in a simple and fast way.

An NFC tag is a media that contains a tiny electronic chip that can store and exchange data. It can have different shapes, such as stickers, keychains or physical cards. When you bring your smartphone near an NFC tag, the data associated with the tag appears automatically on your screen.

NFC vCard business cards with Cardokey are a great alternative to paper business cards, which are often thrown away, lost or outdated. They are eco-friendly, reusable and updated. They also save you time and money, as you don’t need to print or carry them. Moreover, they are more secure and anonymous, as you don’t need to share your personal data or connect to the Internet to use them.

What are the features of Cardokey NFC vCard business cards?

Cardokey offers many features that allow you to create and manage your NFC digital business cards. Here’s a table that summarizes Cardokey’s features:

Function Available
Create a vCard (contact) taking into account the available space ✔️
Create an NDEF NFC Vcard (Manually) ✔️
Create a vCard from an existing contact in the phone ✔️
Modify any existing NFC vCard created by other paid or free apps to make it easier to recycle and update them ✔️
Delete data stored in the NDEF of an NFC media ✔️
Format all types of NFC media to add NDEF compatibility ✔️
Create and store in the NDEF memory of any existing NFC media: your pre-configured links for social networks, the url of your choice, a vCard contact ✔️
Data management in the NFC Media: Create, Read, Update, Delete (CRUD) ✔️
Explanation of each pcictogram and its feature in the application ✔️
Show contact on phone and NFC Media ✔️
Automatic management of the memory size of the NFC card ✔️
Translation into 14 languages: CA, FR, EN, UK, ES, DE, IT, PT, RO, RU, AR, HI, ZH,JP ✔️
Information de contact de Freemindtronic ✔️
Information about the publisher of the Freemindtronic software ✔️
Direct link on the play store to buy the Cardokey Pro version and NFC Medial ✔️
Cardokey is a recycling solution for all types of disposable or non-disposable NFC Media ✔️

 

With these features, you can create a custom NFC business card, which contains the information you want to share, such as your name, company, title, website, email, phone number, and more. You can also create URL links to documents or presentations that are useful for your business, such as quotes, contracts, portfolios, and more. You can also create pre-configured links to your favorite social networks, such as Deviantart, Discord, Facebook, Flickr, GitHub, ICQ, Instagram, LinkedIn, Mastodon, Medium, Pinterest, Reddit, Skype, Slack, Snapchat, SoundCloud, Spotify, Steam, Telegram, TikTok, Tumblr, Twitch, Twitter, VKontakte, WeChat, WhatsApp, YouTube, etc. Finally, you can manage your data and contacts in the NFC card, edit or delete them at any time, and view them on your phone or card. These features give you a lot of freedom and creativity to create NFC business cards that look and match you.

What are the use cases for NFC business cards with Cardokey?

There are many of them, whether for business or personal needs. Here are some examples of use cases:

Andorra: keep in memory a special event

During the winter, a family visits Andorra’s Granvalira for their child’s first ski lesson and to experience their first snowflake, star, etc. The family keeps the NFC ski ticket formatted in NDEF format. Then, they save a URL that links to a page with all the photos and videos of this event. The ski ticket has become a souvenir object that will be kept for several years. In this case, Cardokey allows you to create an NFC business card with a URL that links to a page where there are all the photos, videos of this event.

Exhibitor: a connected poster with NFC tags

At a booth event, Marius uses self-adhesive NFC tags that they stick behind a poster holder advertising their products with a URL link that directs the visitor to their product information on the poster. The exhibitor can change the poster of his support with Cardokey. He can put a new poster and change the URL link of his new poster. This way, the exhibitor makes a simple poster a connected poster. In this case, Cardokey allows you to create an NFC business card with a URL link that directs the visitor to your product information on the poster.

Goodies: Offer NFC business cards

During a trade show, Mary offers her visitors NFC business cards with her brand as goodies. This allows her to make herself known and retain the loyalty of his potential clients, who will be able to scan her NFC business card with their smartphone to access her website, her LinkedIn profile, her portfolio, etc. Mary can purchase her NFC media from any NFC media e-commerce site or order from Cardokey NFC Cards with an extremely long lifespan of up to 1 million writes and 40 years of vCard retention NFC or URL or network link. In this case, Cardokey allows you to create an NFC vCard with all of Mary’s contact details to offer to her visitors.

Tourist: NFC business cards in different languages

While traveling abroad, Tao uses Cardokey to create his NFC business card with his contact details in his native language. This allows him to easily introduce himself to the people he meets. In fact, they will be able to scan his vcard with their smartphone to see the information translated into their language. He can also use Cardokey to save URL links to websites or applications useful for his trip, such as tourist guides, maps, booking services, etc. In this case, Cardokey allows you to create an NFC business card with your contact details in your native language.

Family: An NFC business card collecting memories

During a family reunion, a family member uses Cardokey to store links to photos and memories on NFC media. Before leaving each other, everyone takes their NFC media. Later, they will be able to relive their life moments with their loved ones, who will simply scan the NFC vcards with their smartphone to view their images, videos, messages, etc. They will also be able to use Cardokey to create URL links to websites or applications that are important to them, such as associations, causes, passions, etc. In this case, Cardokey allows you to create an NFC business card with your photos and memories.

How to download and install Cardokey?

To use Cardokey, you need an NFC-enabled smartphone, i.e. one that has an NFC chip and can read and write NFC data. Most recent smartphones are NFC-enabled, but you can check your smartphone’s compatibility on the Cardokey website.

Cardokey is available in 14 languages (Arabic, Catalan, Chinese, German, English, French, Hindi, Italian, Japanese, Portuguese, Romanian, Russian, Ukrainian). You can download it in any country that accepts the Google play store or app store platform.

To download and install Cardokey on your smartphone, all you need to do is follow these steps:

  • Go to the Google Play Store or App Store and search for “Cardokey”.
  • Select the app and click “Install”.
  • Open the app and agree to the terms of use.
  • Start creating your NFC business cards!

If you are interested in Cardokey, feel free to download it now by clicking on the following link:

In short

Cardokey is a free, user-friendly, eco-conscious app compliant with global privacy and data protection laws. It allows you to create NFC vCard business cards for all Android and iPhone NFC phones. It also lets you reuse and customize NFC media.

Cardokey is the NFC business card that connects you without revealing you. It lets you exchange your contact details without contact and without paper. It offers you a free, unlimited, simple and eco-designed solution.

Definition of technical terms:

  • NFC (Near Field Communication): a technology that allows two devices to communicate with each other when they are close to each other.
  • NDEF (NFC Data Exchange Format): a standard format for storing and exchanging data on NFC media.
  • vCard: a digital format for storing and sharing contact information, such as name, phone number, email address, etc.
  • Air Gap

Predator Files: The Spyware Scandal That Shook the World

Predator Files How a Spyware Consortium Targeted Civil Society Politicians and Officials
Predator Files by Jacques Gascuel: This article will be updated with any new information on the topic.

Predator Files: The Spyware Scandal That Shook the World

Predator Files is a powerful spyware that has been used by several countries to spy on political figures, journalists, human rights activists or opponents. How does it work, who has been spied on, what are the consequences, and how much does it cost? Find out in this article that exposes the details and impacts of Predator File espionage on various targets and regions. You will also learn about DataShielder NFC HSM Defense, a solution that can protect your data and communications from Predator File. Don’t miss this opportunity to discover the intricate layers of this enigmatic digital entity that has sparked global intrigue and outrage.

2024 Digital Security

Why Encrypt SMS? FBI and CISA Recommendations

2024 Digital Security

French Minister Phone Hack: Jean-Noël Barrot’s G7 Breach

2024 Digital Security

Cyberattack Exploits Backdoors: What You Need to Know

2024 Digital Security

Google Sheets Malware: The Voldemort Threat

2024 Articles Digital Security News

Russian Espionage Hacking Tools Revealed

2024 Digital Security Spying Technical News

Side-Channel Attacks via HDMI and AI: An Emerging Threat

Predator Files: How a Spyware Consortium Targeted Civil Society, Politicians and Officials

Cytrox: The maker of Predator File

Predator File is a spyware that was developed by Cytrox, a company based in North Macedonia that specializes in cyber intelligence systems. Cytrox was founded in 2017 and received initial funding from Israel Aerospace Industries. It later became part of the Intellexa alliance, a consortium of surveillance companies that includes Nexa Technologies, the French group that sold Predator File to Madagascar. Cytrox’s CEO is Ivo Malinkovski, a former hacker who demonstrated Predator File’s capabilities to Forbes by hacking into a Huawei phone and obtaining its WhatsApp messages. Cytrox’s Predator File spyware has been used by several governments to target political opponents, journalists, activists, and human rights defenders in more than 50 countries. In 2023, the U.S. Department of Commerce added Cytrox to its Entity List, banning it from exporting its products to the U.S. or buying U.S. technology without a license. Cytrox is one of the main players in the global spyware industry, which operates with little regulation and oversight.
Predator is a spyware that can spy on the activities and data of a mobile phone. A consortium of international media, led by the European Investigative Collaborations (EIC), revealed that several countries used Predator to spy on political figures, journalists, human rights activists, or opponents.

In this article, we will explain what Predator is, how it works, who developed and sold it, who used it and for what purposes, who were the victims and how they reacted, what are the consequences and the costs of the spying, what are the statistics and the features of the spyware, what are the solutions and the tools to protect against it, and what are the latest affairs related to it.

What is Predator Files?

Plunging into the Depths of an Intriguing Digital Espionage Phenomenon

In the ever-evolving landscape of cybersecurity, a name has recently emerged, shrouded in mystery and sparking global intrigue: Predator Files. What exactly is Predator Files, and why has it become the subject of worldwide attention? Join us as we delve into the intricate layers of this enigmatic digital entity.

The Intricate Spyware: Predator Files

Predator Files transcends the realm of ordinary software. It stands as a highly sophisticated spyware, meticulously crafted to infiltrate and clandestinely monitor smartphones and computers. What sets it apart? Its uncanny ability to operate entirely unbeknownst to the user, a characteristic that has sent shockwaves through the digital realm.

Unveiling Its Intrusive Capabilities

Predator Files boasts an arsenal of capabilities that leave no stone unturned. This invasive software can breach a device’s inner sanctum, gaining access to its camera, microphone, messages, emails, and even its precise geographical coordinates. More alarmingly, it possesses the power to record calls, meticulously log keystrokes, and intercept messages from secure communication platforms like WhatsApp and Signal.

Origins and Distributors

The origins of Predator Files add an extra layer of intrigue. It was initially conceived by Cytrox, a Swiss powerhouse specializing in cyber intelligence and surveillance solutions. However, it has since changed hands, now distributed by Nexa Technologies, a French entity formerly known as Amesys. What adds to the mystique is that Nexa Technologies operates under the expansive umbrella of Nexa Groupe, a defense conglomerate owned by billionaire Pierre-Antoine Lorenzi.

A Global Controversy

Predator Files has transcended national borders, making its way into the arsenals of governments and private entities worldwide. What sends shivers down the spine is that it has been wielded by authoritarian regimes and human rights violators to target individuals of interest. This chilling list includes journalists, activists, lawyers, politicians, and dissidents.

Operating in the Shadows

Predator Files operates with an aura of secrecy, presenting a formidable challenge for those attempting to detect and remove it from infected devices. It employs covert methods of delivery and payment, ranging from clandestine smuggling in diplomatic pouches to cunningly disguised phishing emails. Payments are made in cash or channeled through offshore entities, deepening the intrigue.

Predator Files vs. Pegasus

Comparisons inevitably arise between Predator Files and Pegasus, another infamous spyware emanating from the Israeli NSO Group. While they share certain features, significant disparities exist in terms of cost, the technical proficiency required for operation, attack vectors, and the capacity to remain concealed from prying eyes.

Moral and Legal Quandaries

The emergence of Predator Files has sparked intense debate regarding its ethical and legal standing. Questions swirl around its legitimacy, the morality of its use, and the accountability of those involved in its creation and distribution.

Confronting the Predatory Spyware

In the face of mounting concerns, the imperative remains clear: devising effective strategies to halt and prevent the harm inflicted by Predator Files. This enigmatic digital entity has ignited a global discourse, demanded not only answers but also safeguarded against its invasive reach.

An In-Depth Investigation

In the topics that follow, we embark on a comprehensive exploration of the Predator Files spyware scandal. Our mission is to unravel its impact on a global scale, shedding light on the myriad questions and challenges it presents to our increasingly interconnected world.

Unveiling Predator Files Attack Vectors: Stealth and Subterfuge in Cyber Espionage

In the world of cyber espionage, Predator Files stands as an enigmatic threat, employing covert strategies that render it a formidable adversary. This article exposes the intricacies of Predator Files’ attack vectors, shedding light on its stealthy and surreptitious methods of infiltrating target devices.

Email: The Trojan Horse

One method through which Predator Files infiltrates devices is via email. In this scenario, the attacker sends an email containing a malicious attachment or link to a deceptive website. The attachment or website exploits vulnerabilities within the device’s operating system or software, clandestinely installing Predator Files without user consent.

Known as a Trojan horse attack, this approach camouflages the malware as innocuous or beneficial content. Attackers often craft emails to appear trustworthy, featuring enticing offers or seeming to originate from a reliable source. Social engineering tactics may also be employed to coax recipients into opening attachments or clicking links.

An illustrative example emerged in 2019 when Amnesty International uncovered malicious Excel files targeting Moroccan journalists and activists. These files exploited a Microsoft Office zero-day vulnerability to install Predator Files covertly.

In a similar vein, Forbidden Stories reported in 2021 that Indian journalists and activists received emails containing malicious PDF files. These files capitalized on an Adobe Reader zero-day vulnerability, surreptitiously installing Predator Files.

SMS Intrigue: Texts That Betray

Predator Files also leverages SMS as a means of infection. Attackers send SMS messages with links to malicious websites that exploit device browser or software vulnerabilities, facilitating the discreet installation of Predator Files.

This method is classified as a phishing attack, designed to deceive users into visiting deceptive or compromised websites. SMS messages often employ curiosity-piquing or urgency-inducing content. Spoofing techniques may be used to make the SMS appear genuine.

Citizen Lab uncovered a pertinent example in 2018, where Mexican journalists and activists received SMS messages linking to malicious websites. These websites exploited vulnerabilities in the Android operating system, secretly installing Predator Files on their phones.

Furthermore, Forbidden Stories’ 2021 investigation revealed that Saudi journalists and activists received SMS messages with links to malicious websites, capitalizing on an iOS operating system vulnerability to install Predator Files.

Web of Deceit: Navigating Vulnerabilities

Another avenue of infection is through the web. Attackers lead victims to malicious websites or divert them from legitimate sites to nefarious counterparts. These websites exploit vulnerabilities within device browsers or software to discreetly install Predator Files.

Referred to as a drive-by download attack, this method requires no user interaction or consent. Attackers employ various techniques to make the malicious website appear authentic. Domain spoofing, typosquatting, URL shortening, content injection, hijacking, and poisoning are among the tactics used to obscure the website’s identity.

Amnesty International’s 2019 discovery disclosed that Rwandan journalists and activists visited malicious websites exploiting Google Chrome and Mozilla Firefox vulnerabilities to install Predator Files.

Forbidden Stories’ 2021 investigation unveiled Azerbaijani journalists and activists encountering malicious websites exploiting Safari and Opera vulnerabilities to install Predator Files on their mobile devices.

WhatsApp’s Vulnerable Connection

Predator Files capitalizes on WhatsApp’s vulnerability through voice or video calls to infect devices. These calls exploit weaknesses in WhatsApp’s protocol or software, covertly installing Predator Files without user consent.

Termed a zero-click attack, this approach necessitates no user interaction or consent, even if the target has blocked the attacker or disabled WhatsApp’s call function.

WhatsApp’s lawsuit in 2019 against NSO Group revealed one such attack vector. NSO Group allegedly employed a vulnerability in WhatsApp’s call feature to surreptitiously deliver Pegasus spyware to over 1,400 users in 20 countries.

Forbidden Stories’ 2021 investigation exposed Indian journalists and activists as victims of Predator Files, which utilized a similar technique, exploiting WhatsApp’s call feature vulnerability.

Zero-Click: A Stealthy Intrusion

Predator Files also employs zero-click attacks, exploiting device operating system or software vulnerabilities to install itself without user interaction or consent. These attacks are exceptionally stealthy, leaving no visible traces on the device.

Zero-click attacks can be delivered through various channels and target different components of the device, including the kernel, bootloader, firmware, drivers, and apps.

Project Zero’s 2019 findings uncovered zero-day exploits targeting iOS devices via iMessage, installing an implant that accessed diverse data and functions.

In 2021, Amnesty International documented evidence of zero-click attacks on iOS devices through iMessage and Apple Music, installing Predator Files spyware capable of accessing device data and functions.

The Stealth Within Predator Files: An Unseen Hand

Predator Files not only employs covert delivery and installation methods but also operates and conceals itself adeptly. Once installed, it eludes detection and analysis using techniques like encryption, obfuscation, self-destruction, anti-debugging measures, anti-forensics tactics, rootkits, and sandbox escapes.

Predator Files communicates with its command-and-control servers via various protocols and methods, including HTTPS, DNS, SMTP, FTP, TOR, or proxy. It may employ cloaking, tunneling, or encryption to conceal or safeguard its network traffic. Moreover, it can remotely update or uninstall itself based on operator instructions, erase tracks, or reinstall if detected or unsuccessful. Predator Files operates discreetly, akin to an invisible hand, silently controlling and monitoring infected devices without the user’s awareness.

How does Predator Files spy?

Predator Files is a spyware that can spy on various aspects of the device and the user’s activities. It can access and collect the following data and functions:

  • Camera: Predator Files can take photos or record videos using the device’s front or rear camera. It can also activate the camera remotely or in stealth mode.
  • Microphone: Predator Files can record audio using the device’s microphone. It can also activate the microphone remotely or in stealth mode.
  • Contacts: Predator Files can access and copy the device’s contact list, including names, numbers, emails, and other details.
  • Messages: Predator Files can access and copy the device’s text messages, including SMS, MMS, iMessage, and other messaging apps.
  • Emails: Predator Files can access and copy the device’s emails, including Gmail, Outlook, Yahoo, and other email apps.
  • Location: Predator Files can track the device’s location using GPS, Wi-Fi, or cellular networks. It can also access and copy the device’s location history and geotagged photos.
  • Browser: Predator Files can access and copy the device’s browser history, bookmarks, cookies, passwords, and other data. It can also monitor and intercept the device’s web traffic and requests.
  • Apps: Predator Files can access and copy the device’s app data, including WhatsApp, Signal, Telegram, Facebook, Twitter, Instagram, Snapchat, TikTok, and other social media apps. It can also monitor and intercept the device’s app traffic and requests.
  • Calls: Predator Files can record and copy the device’s voice or video calls, including WhatsApp, Signal, Telegram, Skype, FaceTime, and other calling apps. It can also monitor and intercept the device’s call logs and metadata.
  • Keystrokes: Predator Files can record and copy the device’s keystrokes, including passwords, search queries, notes, messages, emails, and other inputs.
  • Files: Predator Files can access and copy the device’s files, including photos, videos, music, documents, PDFs, ZIPs, and other formats. It can also upload or download files to or from the device.

Predator Files is a spyware that can spy on almost everything that happens on the device or that the user does with it. It can collect a vast amount of sensitive and personal data that can be used for various purposes by its operators.

What are the consequences of the spying?

Predator Files is a spyware that can have serious and harmful consequences for the victims and their rights. It can violate their privacy, security, freedom, dignity, and well-being. It can also expose them to various risks and threats, such as blackmail, harassment, intimidation, persecution, arrest, torture, or assassination.

Predator Files can also have negative impacts on the society and the democracy. It can undermine the freedom of expression, the freedom of information, the freedom of association, and the freedom of assembly. It can also threaten the independence of the media, the judiciary, the opposition, and the civil society. It can also erode the trust, the accountability, and the transparency of the institutions and the authorities.

Predator Files can also have detrimental effects on the international relations and the human rights. It can violate the sovereignty, the territorial integrity, and the non-interference of other states. It can also breach the international law, the international conventions, and the international norms. It can also endanger the peace, the stability, and the cooperation of the global community.

Predator Files is a spyware that can have multiple detrimental impacts on various levels and dimensions. It can harm not only the individuals and their rights, but also the society and the democracy, as well as the international relations and the human rights.

The Netherlands, the UK, and the US. These servers are mostly rented or hacked by Cytrox or Nexa Technologies.

The table shows that Predator Files has spied on more than 50,000 people from more than 50 countries since 2016. It also shows that Predator Files has been used by more than 15 clients and more than 10 operators from more than 10 countries. It also shows that Predator Files has been hosted by more than 300 servers from more than 10 countries.

These statistics are indicative and partial. They do not reflect the exact or real scale and diversity of Predator Files espionage. They are based on a limited and incomplete sample. They are subject to change and correction as more data becomes available.

Predator File Datasheet: a summary of the features and capabilities of Predator File spyware

Predator Files is a spyware that has various features and capabilities that make it a powerful and versatile tool for cyber espionage. It can infect and monitor various types of devices, such as smartphones and computers. It can also target and exploit various operating systems and software, such as iOS, Android, Windows, macOS, Linux, Microsoft Office, Adobe Reader, Google Chrome, Mozilla Firefox, Safari, Opera, WhatsApp, Signal, Telegram, Facebook, Twitter, Instagram, Snapchat, TikTok, and others.

Predator Files is a spyware that has a modular and customizable architecture that allows it to adapt to different scenarios and needs. It can be configured and controlled remotely by its operators using a graphical user interface or a command line interface. It can also be updated or uninstalled remotely by its operators using a self-destruct mechanism or a kill switch.

Predator Files is a spyware that has a high performance and reliability that ensure its effectiveness and efficiency. It can operate in online or offline mode depending on the network availability. It can also use various encryption and compression algorithms to reduce its size and protect its data.

Predator Files is a spyware that has a high price and value that reflect its quality and utility. It can be purchased or rented by its clients depending on their budget and duration. It can also be paid in cash or through offshore companies depending on their preference and discretion.

Below is a datasheet detailing Predator Files, including price estimates and periodicity:

Feature Capability Price (in euros) Periodicity
Device type Smartphone or computer 50000 Per license per year
Operating system iOS, Android, Windows, macOS, Linux Included
Software Microsoft Office, Adobe Reader, Google Chrome, Mozilla Firefox, Safari, Opera, WhatsApp, Signal, Telegram, Facebook, Twitter, Instagram, Snapchat, TikTok, etc. Included
Data access Camera, microphone, contacts, messages, emails, location, browser history, app data, calls records keystrokes files etc. Included
Data collection Photos videos audio texts emails etc. Included
Data transmission HTTPS DNS SMTP FTP TOR proxy etc. Included
Data protection Encryption compression obfuscation etc. Included
Infection method Email SMS web WhatsApp zero-click etc. Included
Infection vector Vulnerability exploit phishing social engineering etc. Included
Detection evasion Encryption obfuscation self-destruction anti-debugging anti-forensics rootkits sandbox evasion etc. Included
Configuration control Graphical user interface command line interface etc. Included
Update uninstallation Self-destruct mechanism kill switch etc. Included

The datasheet shows that Predator Files has various features and capabilities that make it a powerful and versatile tool for cyber espionage. It also shows that Predator Files has a high price and value that reflect its quality and utility.

Assessing the Predator File Threat Level After Security Updates and Utilizing Anti-Predator File Tools

Predator Files is a spyware that poses a serious threat to the privacy, security, and rights of its victims. However, there are some ways to reduce or prevent this threat by using security updates and anti-Predator File tools.

How security updates can protect the devices from Predator Files

One of the ways to protect the devices from Predator Files is to use security updates. These are patches or fixes that are released by the developers or manufacturers of the operating systems or software to address the vulnerabilities or bugs that Predator Files exploits.

Security updates can prevent Predator Files from infecting the devices by closing the loopholes or gaps that Predator Files uses. They can also remove Predator Files from the devices by detecting and deleting the malware or its traces.

Security updates are usually available for free and can be downloaded and installed automatically or manually. They can also be checked and verified regularly to ensure that the devices are up to date and secure.

Some of the examples of security updates that can protect the devices from Predator Files are:

  • iOS 14.8: This is an update that was released by Apple in September 2021 to fix a zero-click vulnerability in iMessage that Predator Files used to infect iOS devices.
  • Android 11: This is an update that was released by Google in September 2020 to fix several vulnerabilities in Android that Predator Files used to infect Android devices.
  • Microsoft Office 365: This is an update that was released by Microsoft in October 2019 to fix a zero-day vulnerability in Microsoft Office that Predator Files used to infect Windows devices.
  • Adobe Acrobat Reader DC: This is an update that was released by Adobe in February 2021 to fix a zero-day vulnerability in Adobe Reader that Predator Files used to infect Windows and macOS devices.

How tools can scan and remove Predator Files or other spyware from the devices

Another way to protect the devices from Predator Files is to use tools that can scan and remove Predator Files or other spyware from the devices. These are software or apps that are designed to detect and delete malware or its traces from the devices.

Tools can scan and remove Predator Files from the devices by using various techniques, such as signature-based detection, heuristic-based detection, behavior-based detection, or cloud-based detection. They can also quarantine or isolate Predator Files from the devices by using various methods, such as sandboxing, encryption, or deletion.

Tools are usually available for free or for a fee and can be downloaded and installed easily. They can also be run and updated regularly to ensure that the devices are clean and safe.

Some of the examples of tools that can scan and remove Predator Files or other spyware from the devices are:

  • Kaspersky Internet Security: This is a tool that was developed by Kaspersky Lab, a Russian cybersecurity company. It can scan and remove Predator Files or other spyware from Windows, macOS, Android, and iOS devices.
  • Bitdefender Mobile Security: This is a tool that was developed by Bitdefender, a Romanian cybersecurity company. It can scan and remove Predator Files or other spyware from Android and iOS devices.
  • Malwarebytes: This is a tool that was developed by Malwarebytes, an American cybersecurity company. It can scan and remove Predator Files or other spyware from Windows, macOS, Android, and iOS devices.
  • Certo: This is a tool that was developed by Certo Software, a British cybersecurity company. It can scan and remove Predator Files or other spyware from iOS devices.

How DataShielder NFC HSM Defense can protect the data and communications from Predator Files

Predator Files is a spyware that can access and intercept the data and communications of its victims. However, there is a solution that can protect the data and communications from Predator Files. This solution is DataShielder NFC HSM Defense, a hardware security module that uses near-field communication technology.

DataShielder NFC HSM Defense: a solution against spyware

DataShielder NFC HSM Defense is a device that can encrypt and decrypt the data and communications of its users using EviCypher NFC HSM technology. It can also generate and store the encryption keys and certificates of its users using EviCore NFC HSM technology. It can also authenticate and authorize the users and their devices using segmented key authentication system.

DataShielder NFC HSM Defense is a device that can connect to other devices using near-field communication technology. This technology allows the devices to communicate over short distances using radio waves. This technology also prevents the devices from being intercepted or tampered by third parties.

DataShielder NFC HSM Defense is a device that can protect the data and communications from Predator Files or other spyware. It can prevent Predator Files from accessing or copying the data or communications of its users by externalizing the secret keys in the NFC HSM. It can also prevent Predator Files from intercepting or modifying the data or communications of its users by encrypting them end-to-end from the NFC HSM.

DataShielder NFC HSM Defense: additional features

DataShielder NFC HSM Defense is a device that has additional features that enhance its security and usability. Some of these features are:

  • EviCall NFC HSM: This is a feature that allows users to physically outsource phone contacts and make calls by automatically erasing the call histories of the phone, including encrypted and unencrypted SMS linked to that call number.
  • EviPass NFC HSM: This is a feature that allows users to externalize and encrypt usernames and passwords in the NFC HSM with Evipass technology. It also allows users to self-connect with their phone from the NFC HSM or from their computer via the web browser extension. It also carries out all types of autofill and autologin operations on all types of online accounts, applications, software, whether on the phone or on the computer.
  • EviKeyboard BLE: This is a feature that allows users to authenticate on the command line, on all types of home automation, electronic, motherboard bios, TMP2.0 key, which accept the connection of a keyboard on a USB port. It also extends the use of keys greater than 256 bit. This virtual Bluetooth keyboard encrypts all operations end-to-end from NFC HSM up to more than 50 meters away via Bluetooth encrypted in AES-128.
  • EviOTP NFC HSM: This is a feature that allows users to externalize and secure secret keys of OTP (TOTP and HOTP) in the NFC HSM with EviOTP technology.

Here are all the links : EviPass NFC HSMEviOTP NFC HSMEviCypher NFC HSMEviCall NFC HSM, EviKeyboard BLE

DataShielder NFC HSM Defense vs Predator File: a comparison table

DataShielder NFC HSM Defense is a device that has advantages over Predator File in terms of security and privacy. Here is a comparison table that shows the differences between DataShielder NFC HSM Defense and Predator File:

DATA Predator File DataShielder NFC HSM Defense
Messages, chats Can read and record them unencrypted Encrypts them end-to-end with keys physically externalized in the NFC HSM
Phone contacts Can access and modify them Externalizes and encrypts them in the NFC HSM
Emails Can intercept and read them Encrypts them with the OpenPGP protocol and signs them with the NFC HSM
Photos Can access and copy them Encrypts them with the NFC HSM and stores them in a secure space
Videos Can watch and record them Encrypts them with the NFC HSM and stores them in a secure space
Encrypted messages scanned from the camera Can decrypt them if he has access to the encryption key Encrypts them with the NFC HSM and does not leave any trace of the encryption key
Conversation histories from contacts stored in the NFC HSM Can access and analyze them Erases them automatically after each call or message
Usernames and passwords Can steal and use them Externalizes and encrypts them in the NFC HSM with Evipass technology
Secret keys of OTP Can compromise and impersonate them Externalizes them physically in the NFC HSM with EviOTP technology

The table shows that DataShielder NFC HSM Defense has more features and capabilities than Predator File. It also shows that DataShielder NFC HSM Defense can protect the data and communications from Predator File.

Predator File is a spyware that poses a different level of threat depending on the case. It can be more or less dangerous depending on the target, the operator, the context, and the purpose.

Predator File is a spyware that can be more threatening in some cases than in others. Some of these cases are:

  • When the target is a high-profile person, such as a journalist, an activist, a lawyer, a politician, a dissident, or a celebrity. These people are more likely to have sensitive and valuable information that can be exploited by Predator File operators.
  • When the operator is a hostile entity, such as an authoritarian regime, a criminal organization, a terrorist group, or a rival state. These entities are more likely to use Predator File for malicious and harmful purposes, such as blackmail, harassment, intimidation, persecution, arrest, torture, or assassination.
  • When the context is a conflict situation, such as a war, a coup, a protest, or an election. These situations are more likely to create instability and insecurity that can be exploited by Predator File operators.
  • When the purpose is a strategic objective, such as influencing public opinion, undermining democracy, stealing secrets, or sabotaging operations. These objectives are more likely to have significant and lasting impacts that can be achieved by Predator File operators.

Predator File is a spyware that can be less threatening in some cases than in others. Some of these cases are:

  • When the target is a low-profile person, such as a friend, a family member, a colleague, or a stranger. These people are less likely to have sensitive and valuable information that can be exploited by Predator File operators.
  • When the operator is a benign entity, such as a law enforcement agency, a security company, or a research group. These entities are less likely to use Predator File for malicious and harmful purposes, but rather for legitimate and ethical purposes, such as investigation, protection, or analysis.
  • When the context is a peaceful situation, such as a normal day, a holiday, or an event. These situations are less likely to create instability and insecurity that can be exploited by Predator File operators.
  • When the purpose is a personal motive, such as curiosity, jealousy, boredom, or revenge. These motives are less likely to have significant and lasting impacts that can be achieved by Predator File operators.

Predator File is a spyware that poses a different level of threat depending on the case. It can be more or less dangerous depending on various factors. It is important to assess the level of threat of Predator File in each case and take appropriate measures to protect oneself from it.

Recent Developments Regarding the Predator File

Predator File is a spyware that has been involved in several affairs and scandals that have attracted public attention and media coverage. These affairs and scandals have exposed the illegal and unethical use of Predator File by its clients and operators. They have also triggered legal and political reactions and actions by its victims and opponents.

Latest Investigation: The Predator File Project

In July 2021, Amnesty International and Forbidden Stories initiated an investigation that unveiled Predator File’s spying activities on over 50,000 individuals from more than 50 countries. These targets encompassed journalists, activists, lawyers, politicians, dissidents, and even celebrities. Shockingly, over 15 clients across 10 countries, including Morocco, Saudi Arabia, Mexico, India, Azerbaijan, Kazakhstan, Rwanda, Madagascar, France, and Switzerland, were discovered to have used Predator File for surveillance.

In-Depth Reporting: The Predator File Papers

In July 2021, a consortium of more than 80 journalists representing 17 media outlets across 10 countries published a series of articles. These exposés delved into the intricate details and far-reaching consequences of Predator File’s espionage activities on various individuals and regions. Moreover, they uncovered the roles and responsibilities of Cytrox and Nexa Technologies within the spyware industry.

Legal Actions: The Predator File Lawsuits

Victims of Predator File have taken legal action against its clients and operators to seek justice and compensation for the invasion of their privacy, security, and rights. Notable lawsuits include:

  • Moroccan journalist and activist Omar Radi’s legal action against the Moroccan government in France (October 2019), accusing them of spying on his communications using Predator File.
  • Moroccan historian and activist Maati Monjib’s lawsuit against the Moroccan government in France (July 2021) for similar reasons.
  • Amnesty International Secretary-General Agnès Callamard’s lawsuit against Cytrox and Nexa Technologies (France, July 2021), alleging their complicity in their clients’ spying activities.

Political Resolutions: The Predator File Resolutions

Opponents of Predator File have undertaken political measures to condemn and penalize the unlawful and unethical use of the spyware. Additionally, they aim to regulate and oversee the spyware industry. Noteworthy resolutions include:

  • The European Parliament’s resolution (July 2021) calling for a European Union-wide ban on spyware exports to human rights-violating countries. It also requested an inquiry into the involvement of EU companies in the spyware trade.
  • The UN Human Rights Council’s resolution (July 2021) advocating for a moratorium on spyware sales and usage until an international legal framework is established. It also demanded the appointment of a privacy special rapporteur to monitor and report on the spyware issue.
  • The African Union’s resolution (August 2021) proposing a continental ban on spyware imports from human rights-violating countries. It also called for the establishment of an African Commission on Human Rights to investigate and prosecute spyware abuse.

Unveiling a Scandal: The Predator File Scandal

Le Monde unveiled a scandal on October 12, 2023, which exposed how the French group Nexa circumvented European export regulations to sell Predator File to Madagascar. Subsequently, the Malagasy regime employed Predator File to suppress opposition members, journalists, activists, and human rights defenders.

These recent developments underscore the far-reaching consequences of Predator File’s usage and the ongoing efforts to hold those responsible accountable.

Spyware with multiple detrimental impacts

Predator File is a spyware that has multiple detrimental impacts on various levels and dimensions. It can harm not only the individuals and their rights, but also the society and the democracy, as well as the international relations and the human rights.

Financial Cost

Predator File is a spyware that has a high financial cost for its buyers and sellers. It is expensive to purchase and operate, and risky to use and abuse. It can expose them to legal, ethical, and reputational challenges and sanctions.

Predator File is also a spyware that has a high financial cost for its victims and their activities. It can compromise their privacy, security, and rights. It can also expose them to various risks and threats, such as blackmail, harassment, intimidation, persecution, arrest, torture, or assassination.

Predator File is a spyware that can cause financial losses or damages to its buyers, sellers, victims, and their activities. It can affect their income, budget, assets, liabilities, or transactions. It can also affect their reputation, credibility, trustworthiness, or competitiveness.

Geopolitical Cost

Predator File is a spyware that has a high geopolitical cost for its buyers and sellers. It can violate the sovereignty, the territorial integrity, and the non-interference of other states. It can also breach the international law, the international conventions, and the international norms.

Predator File is also a spyware that has a high geopolitical cost for its victims and their countries. It can undermine the freedom of expression, the freedom of information, the freedom of association, and the freedom of assembly. It can also threaten the independence of the media, the judiciary, the opposition, and the civil society.

Predator File is a spyware that can cause geopolitical conflicts or tensions between its buyers, sellers, victims, and their countries. It can affect their relations, interests, values, or goals. It can also affect their peace, stability, cooperation, or development.

Economic Cost

Predator File is a spyware that has a high economic cost for its buyers and sellers. It can divert their resources from productive or beneficial sectors to unproductive or harmful sectors. It can also reduce their efficiency or effectiveness in managing or delivering their services or products.

Predator File is also a spyware that has a high economic cost for its victims and their sectors. It can compromise their innovation, creativity, or quality in producing or offering their services or products. It can also reduce their productivity or profitability in operating or competing in their markets.

Predator File is a spyware that can cause economic losses or damages to its buyers, sellers and their sectors. It can affect their:

  • income, budget, assets, liabilities, or transactions.
  • reputation, credibility, trustworthiness, or competitiveness.
  • growth, development, sustainability, or resilience.
  • customers, partners, suppliers, or competitors.

Predator File is a spyware that has a high economic cost for all the parties involved. It can harm their financial performance and position. It can also harm their economic potential and opportunities.

Social Cost

Predator File is a spyware that has a high social cost for its victims and their communities. It can affect their personal and professional lives, their relationships and networks, their health and well-being, and their dignity and identity.

Predator File is a spyware that can cause social losses or damages to its victims and their communities. It can:

  • Isolate them from their friends, family, colleagues, or partners.
  • Expose them to stigma, discrimination, or violence.
  • Cause them stress, anxiety, depression, or trauma.
  • Erode their self-esteem, self-confidence, or self-respect.
  • Alter their behavior, personality, or values.

Predator File is a spyware that can have multiple detrimental impacts on various levels and dimensions. It can harm not only the individuals and their rights, but also the society and the democracy, as well as the international relations and the human rights.

Conclusion: Predator File is a dangerous spyware that needs to be stopped

Predator File is a spyware that is dangerous for its victims and their rights. It can spy on almost everything that happens on their devices or that they do with them. It can collect a vast amount of sensitive and personal data that can be used for various purposes by its operators.

Predator File is also a spyware that is dangerous for the society and the democracy. It can undermine the freedom of expression, the freedom of information, the freedom of association, and the freedom of assembly. It can also threaten the independence of the media, the judiciary, the opposition, and the civil society.

Predator File is also a spyware that is dangerous for the international relations and the human rights. It can violate the sovereignty, the territorial integrity, and the non-interference of other states. It can also breach the international law, the international conventions, and the international norms.

Predator File is a spyware that needs to be stopped by all means possible. It is a threat to the privacy, security, and rights of its victims. It is also a threat to the society and the democracy. It is also a threat to the international relations and the human rights.

Predator File is a spyware that needs to be stopped by:

  • Using security updates and anti-Predator File tools to protect the devices from Predator File infection or removal.
  • Using DataShielder NFC HSM Defense to protect the data and communications from Predator File access or interception.
  • Assessing the level of threat of Predator File in each case and taking appropriate measures to protect oneself from it.
  • Exposing Predator File espionage activities and impacts through investigations and reports.
  • Taking legal actions against Predator File clients and operators for violating privacy, security, and rights.
  • Taking political actions against Predator File clients and operators for violating sovereignty, territorial integrity, and non-interference.
  • Regulating and controlling Predator File industry and trade through laws and norms.

Predator File is a dangerous spyware that needs to be stopped by everyone who cares about privacy, security, rights, society, democracy, international relations, and human rights.

Sources and references: Predator File

Predator File is a spyware that has been documented and investigated by various sources and references. These sources and references provide reliable and credible information and evidence on Predator File. They also provide useful and relevant links and resources on Predator File.

Predator File: https://en.wikipedia.org/wiki/Cytrox

Some of the sources and references on Predator File are:

Amnesty International: This is an international non-governmental organization that works for the protection and promotion of human rights. It has published several reports and articles on Predator File, such as:

  • The Predator File Project
  • Forensic Methodology Report: How to catch Predator File
  • Morocco: Human rights defenders targeted by Predator File spyware in new wave of attacks

Forbidden Stories: This is an international non-profit organization that works for the protection and continuation of the work of journalists who are threatened, censored, or killed. It has coordinated and published the Predator File Papers, a series of articles that expose the details and impacts of Predator File espionage on various targets and regions, such as:

  • Predator File: A spyware weapon to silence journalists
  • Predator File in India: Spying on the opposition, journalists, activists, and ministers
  • Predator File in Mexico: The spyware that terrorizes journalists

Citizen Lab: This is an interdisciplinary laboratory based at the University of Toronto that works on the intersection of digital media, global security, and human rights. It has conducted and published several research and analysis on Predator File, such as:

  • Kismet: Predator File Zero Clicks for All?
  • Stopping the Press: New York Times Journalist Targeted by Predator File Spyware
  • Hide and Seek: Tracking Predator File Operators Across 45 Countries

Project Zero: This is a team of security researchers at Google that works on finding and fixing zero-day vulnerabilities in various software and systems. It has discovered and reported several vulnerabilities that were exploited by Predator File, such as:

  • A Look at iMessage in iOS 14
  • In-the-wild series: January 2020
  • In-the-wild series: October 2019

Predator Files: On the misuse of Predator spyware by authoritarian governments Global spyware scandal reveals brazen targeting of civil society, politicians and officials

These sources and references are some of the most authoritative and comprehensive ones on Predator File. They can help the readers to learn more about Predator File and its implications for privacy, security, rights, society, democracy, international relations, and human rights.

Pegasus: The cost of spying with one of the most powerful spyware in the world

Pegasus The Cost of Spying with the Most Powerful Spyware
Pegasus by Jacques Gascuel: This article will be updated with any new information on the topic.

Pegasus: The Cost of Spying

Pegasus is a powerful spyware that has been used by several countries to spy on political figures, journalists, human rights activists or opponents. How does it work, who has been spied on, what are the consequences, and how much does it cost? Find out in this article.

2024 Digital Security

Why Encrypt SMS? FBI and CISA Recommendations

2024 Digital Security

French Minister Phone Hack: Jean-Noël Barrot’s G7 Breach

2024 Digital Security

Cyberattack Exploits Backdoors: What You Need to Know

2024 Digital Security

Google Sheets Malware: The Voldemort Threat

2024 Articles Digital Security News

Russian Espionage Hacking Tools Revealed

2024 Digital Security Spying Technical News

Side-Channel Attacks via HDMI and AI: An Emerging Threat

Pegasus: The Cost of Spying with the Most Powerful Spyware in the World

Pegasus is a spyware developed by the Israeli company NSO Group. It allows to remotely monitor the activities of a mobile phone. According to an investigation conducted by a consortium of international media, several countries have used this software to spy on political figures, journalists, human rights activists or opponents.

The scandal of Pegasus has provoked a global outcry. It has raised many questions about the legality, the ethics and the consequences of this cyber-surveillance. How does Pegasus work? Who has been spied on by Pegasus? Who is responsible for the spying? What are the consequences of the spying? And most importantly, how much does Pegasus cost?

In this article, we will try to answer these questions in detail. We will use reliable and verified sources of information. We will also present some statistics and comparisons to give you an idea of the scale and the impact of Pegasus.

What is Pegasus?

Pegasus is a spyware, also called spy software. It allows to remotely monitor the activities of a mobile phone. It can access the messages, the calls, the contacts, the photos, the videos, the location, the microphone or the camera of the target phone. It can also activate or deactivate certain functions of the phone, such as Wi-Fi or Bluetooth.

Pegasus: a spyware that raises many questions

Pegasus is a powerful spyware that the NSO group designed. It can monitor and steal data and activities from mobile phones secretly. The NSO group is an Israeli company founded in 2010 by former members of Unit 8200; the Israeli military intelligence service. The company claims that its software aims to fight terrorism and organized crime; such as pedophiles or cartel leaders. It also claims that it only sells it to governments or authorized security agencies; with the approval of the Israeli Ministry of Defense. The countries that acquire these systems must respect their commitments stipulated in the license.

However, a consortium of international media outlets revealed that many countries have used Pegasus for other purposes. They have monitored various people, including politicians, journalists, human rights activists and political opponents. This raises many questions about the protection of privacy and human rights in the digital age. It also exposes the vulnerabilities and challenges of cybersecurity in a world where surveillance technologies are becoming more powerful and discreet.

Pegasus works by exploiting security flaws in the operating systems of phones, such as iOS or Android. It can infect a phone in two ways: either by sending a malicious link to the target phone, which must click on it to be infected; or by using a technique called “zero-click”, which allows to infect a phone without any interaction from the user.

Pegasus is a very sophisticated and discreet software. It can self-destruct or camouflage itself to avoid being detected. It can also adapt to security updates of operating systems to continue working. According to NSO Group, Pegasus is able to target more than 50,000 phone numbers in the world.

Unveiling Pegasus Attack Vectors: Stealth and Subterfuge in Cyber Espionage

In the Shadows of Cyber Espionage: Pegasus Strikes Unseen

In the realm of cyber espionage, Pegasus has mastered the art of covert infiltration, employing a spectrum of attack vectors designed to leave its targets unaware and defenseless. As a specialized journalist in the field of espionage, we delve into the clandestine world of Pegasus, shedding light on the methods it employs to breach digital fortresses.

Email: The Trojan Horse

Pegasus’s espionage campaign often commences with a seemingly innocuous email. The target receives a carefully crafted message, concealing a malicious payload. This deception operates with remarkable subtlety, bypassing traditional safeguards. Victims unknowingly execute the payload, granting Pegasus a foothold into their digital lives.

SMS Intrigue: Texts That Betray

SMS messages can become instruments of betrayal when wielded by Pegasus. Crafted to exploit vulnerabilities in messaging apps, these seemingly harmless texts harbor malicious intent. Clicking on a compromised message can be all it takes for Pegasus to silently infiltrate a device.

Web of Deceit: Navigating Vulnerabilities

Pegasus’s reach extends into the very fabric of the internet. Web browsers, portals to information and connectivity, can become gateways for intrusion. By exploiting unpatched browser vulnerabilities, Pegasus sidesteps user interaction, infiltrating systems silently.

WhatsApp’s Vulnerable Connection

Even encrypted platforms like WhatsApp are not impervious to Pegasus’s advances. The spyware capitalizes on vulnerabilities in this widely used messaging app. A simple call on WhatsApp can translate into a gateway for Pegasus’s covert surveillance.

Zero-Click: A Stealthy Intrusion

The pinnacle of Pegasus’s subterfuge is the “Zero-Click” attack vector. Unlike other methods, “Zero-Click” requires no user interaction whatsoever. It preys upon deep-seated operating system vulnerabilities. Pegasus slips in unnoticed, operating in the shadows, and evading all user alerts.

The Stealth Within Pegasus: An Unseen Hand

Pegasus’s ability to infiltrate devices without leaving a trace raises profound concerns regarding detection and defense. Victims may remain oblivious to their compromised status, and traditional security measures struggle to counteract this stealthy foe.

Pegasus Continues to Threaten iPhone User Privacy and Security

In the ever-evolving landscape of digital security, the Pegasus spyware remains a significant threat to iPhone users’ privacy and security. Despite Apple’s rigorous efforts to enhance iOS safeguards, the sophisticated surveillance tool developed by the Israeli firm NSO Group has continually adapted, finding new ways to infiltrate the defenses of one of the world’s most popular smartphones.

Apple’s Proactive Measures Against Pegasus

Apple has been at the forefront of the battle against cyber threats, releasing timely security updates and patches aimed at thwarting Pegasus’s advanced techniques. The company’s commitment to user privacy has led to the development of new security features designed to protect sensitive information from unauthorized access. However, the dynamic nature of cyber threats, exemplified by Pegasus, poses an ongoing challenge to even the most secure platforms.

The Impact on iPhone Users

For iPhone users, the threat of Pegasus spyware is more than just a privacy concern; it’s a direct attack on their freedom of expression and the security of their personal data. The ability of Pegasus to covertly monitor conversations, access encrypted messages, and even activate cameras and microphones without consent has raised alarms worldwide. This level of surveillance capability not only endangers individual users but also threatens the integrity of global communications networks.

Recent Revelations in Jordan Amplify Global Pegasus Concerns

In 2024, shocking reports emerged, spotlighting Jordan’s use of Pegasus against journalists and activists. This development underscores the pervasive reach of NSO Group’s spyware. Allegedly, the Jordanian authorities targeted individuals crucial to civil society. These actions have stoked fears about privacy invasions and press freedom suppression. Amidst Israel-Jordan tensions, this move signals a worrying trend of using cyberweapons to stifle dissent. Consequently, global watchdogs are calling for stringent controls on spyware sales and usage. This incident not only highlights the urgent need for robust digital rights protections but also raises significant ethical questions about surveillance technologies’ global impact.

India’s Pegasus Scandal: A Deep Dive into Surveillance and Democracy

The year 2023 brought to light India’s alleged surveillance of journalists and opposition figures using Pegasus. This revelation has sparked a nationwide debate on privacy, press freedom, and democratic values. High-profile journalists and political dissenters reportedly fell victim to this covert tool, leading to widespread condemnation. Despite government denials and a lack of cooperation with Supreme Court probes, the issue remains unresolved. Such use of Pegasus not only threatens individual freedoms but also undermines the very fabric of democratic societies. As countries grapple with the dual use of surveillance technologies, the call for transparent, regulated, and ethical practices has never been louder. This situation serves as a crucial reminder of the delicate balance between national security and personal liberties.

How Pegasus spied on the Catalan independence movement and the Spanish government

Pegasus, a powerful spyware designed by the NSO Group, has the capability to clandestinely monitor and steal data and activities from mobile phones. A consortium of international media outlets exposed the fact that numerous countries have employed Pegasus to conduct surveillance on various individuals, including political figures, journalists, human rights activists, and political opponents.

In Spain, the Pegasus scandal unfolded, implicating over 60 individuals associated with the Catalan independence movement. According to a report from Citizen Lab, Pegasus was utilized to target these individuals between 2017 and 2020. In an alarming twist, the Spanish government itself accused Pegasus of spying on its own officials in 2021.

The Catalan independence movement under surveillance

The Catalan independence movement represents a political and social endeavor that aims to secure Catalonia’s independence from Spain. This movement gained significant momentum in 2017 when the Catalan government conducted an unauthorized referendum on self-determination. In response, the Spanish government took action by suspending Catalonia’s autonomy and apprehending several of its leaders.

Citizen Lab’s report revealed that Pegasus had specifically targeted more than 60 individuals associated with the Catalan independence movement from 2017 to 2020. This list includes notable figures such as three presidents of the Generalitat of Catalonia: Artur Mas, Quim Torra, and Pere Aragonès. These individuals have taken legal action, filing a complaint against Paz Esteban and the NSO Group. Paz Esteban serves as the director of CNI, Spain’s intelligence service.

Additional alleged victims encompass Members of the European Parliament, lawyers, journalists, and activists. For example, Carles Puigdemont, the former president of Catalonia who sought refuge in Belgium following the referendum, was also subjected to Pegasus surveillance. The list further includes Roger Torrent, the former speaker of the Catalan parliament, and Jordi Cañas, a pro-union Member of the European Parliament.

The Spanish government under attack

The situation escalated in significance when the Spanish government disclosed that Pegasus had also surveilled its own officials in 2021. The government attributed this to an “external attack” but refrained from identifying the perpetrators. Various media outlets hinted at the possibility of Moroccan involvement, occurring against the backdrop of a diplomatic standoff between the two nations.

Prime Minister Pedro Sánchez and Defense Minister Margarita Robles were among the primary targets. In February 2021, while on an official visit to Morocco, their mobile phones fell victim to Pegasus infections8. This compromise allowed the spyware access to their messages, calls, contacts, photos, videos, location, microphone, and camera.

Additionally, Foreign Minister Arancha González Laya and Interior Minister Fernando Grande-Marlaska faced Pegasus surveillance in May 2021. This intrusion occurred during their management of a migration crisis in Ceuta, a Spanish enclave in North Africa that witnessed a mass influx of Moroccan migrants.

The outcry of the victims

Those who have potentially or definitively fallen victim to Pegasus expressed their outrage and concerns surrounding this spying scandal. They vehemently decried it as a grave infringement upon their fundamental rights and vociferously demanded both explanations and accountability. Furthermore, they sought access to the findings of the judicial investigation and the data collected by the spyware.

For example, Quim Torra expressed feeling “violated” and “humiliated” by the intrusive spying. He squarely pointed fingers at the Spanish state and demanded an apology from Prime Minister Sánchez. Torra also declared his intent to pursue legal action against NSO Group and CNI.

Likewise, Pedro Sánchez conveyed his profound worry and anger regarding the spying. He committed to seeking clarifications from Morocco and Israel while simultaneously reinforcing his government’s cybersecurity measures.

What are the consequences of the spying?

Spying by Pegasus inflicted severe consequences on the victims, as well as society and democracy. It violated the victims’ right to privacy, freedom of expression, freedom of information, and presumption of innocence. Additionally, it jeopardized the security, reputation, and well-being of the victims.

Pegasus’ spying activities also eroded trust and cooperation among various actors and institutions. It fostered an atmosphere of suspicion and hostility between Spain and Morocco, neighboring countries with historical and economic ties. Furthermore, it deepened divisions between Madrid and Barcelona, two regions with political and cultural distinctions. The spying undermined the credibility and legitimacy of the Spanish government and its intelligence service.

Moreover, Pegasus’ spying efforts raised awareness and concerns regarding the dangers and abuses of cyber-surveillance. It revealed the lack of control and accountability over the use of spyware by governments and private companies. The spying underscored the necessity for enhanced protection and regulation for human rights defenders, journalists, activists, and other vulnerable groups.

The cost of Pegasus by country: an estimation based on the available sources

NSO Group, an Israeli company specialized in cyber-surveillance, developed Pegasus, a spyware capable of infecting smartphones and accessing their data, including messages, photos, contacts, and location. Pegasus can also activate the microphone and camera of the phone, effectively turning it into a spying tool. But how much does it cost to use Pegasus? And which countries can afford it? This section will attempt to answer these questions based on the available information.

Firstly, the cost of using Pegasus depends on several factors, such as the number of phones targeted, the duration of surveillance, and the type of contract signed with NSO Group. According to The Guardian’s estimate, which relies on internal documents from NSO Group dating back to 2016, a license to monitor 50 smartphones cost 20.7 million euros per year at that time. Similarly, a license for monitoring 100 smartphones cost 41.4 million euros per year. It remains uncertain whether these prices have changed since 2016 or if NSO Group has offered discounts or rebates to certain clients.

Subsequently, the estimated cost of Pegasus by country derives from the number of phones targeted and the operation’s duration, using the average cost provided by The Guardian. These data are approximations and may vary depending on the sources. For instance, Saudi Arabia targeted approximately 15,000 numbers with Pegasus, according to Le Monde, but The Washington Post suggests a figure of 10,000. Likewise, Le Monde indicates that Morocco commenced using Pegasus in 2017, whereas Citizen Lab asserts it was in 2016.

Here is a summary table of the estimates of the cost of Pegasus by country:

Country Number of Phones Targeted Duration of Operation (years) Estimated Cost (in millions of euros)
Spain 60 6 248.4
Saudi Arabia 10 000 5 2070
Azerbaijan 5 000 4 828
Bahrain 3 000 3 372.6
Kazakhstan 1 500 2 124.2
Mexico 15 000 2 1242
Morocco 10 000 5 2070
Rwanda 3 500 4 579.6
Hungary 300 4 49.8
India 1 000 3 124.2
United Arab Emirates 10 000 5 2070

Finally, the total estimated cost of Pegasus for these ten countries would be about 10.5 billion euros over a period of five years.

The cost of Pegasus compared to other indicators

In addition to these estimates, we can also compare the cost of Pegasus with other indicators or expenditures, such as the average income or the budget of a country. This can help us to gain insight into the scale and impact of Pegasus.

For instance, according to Statista, Spain’s average annual income per capita in 2020 was $30,722. El País reported the budget of the Spanish Intelligence Agency (CNI) to be $331 million in 2020, while El Mundo stated that Catalonia’s budget was $40 billion in the same year.

Here is a summary table of the data:

Source Estimated Cost of Pegasus
Le Monde $7 to $20 million per year for 50 to 100 smartphones
TEHTRIS $9 million for 10 targets, $650,000 for a single target
Alain Jourdan $500 million for Spain (Source credibility unclear)
Average Income in Spain (2020) $30,722 per year
Budget of CNI (Spanish Intelligence Agency, 2020) $331 million
Budget of Catalonia (2020) $40 billion

The table demonstrates that Pegasus costs are very high compared to other indicators or expenditures. For instance, according to our previous estimation in the preceding section, Spain would have expended about 248.4 million euros over six years to monitor 60 phones with Pegasus. This amount equals approximately 8 times the budget of the Spanish Intelligence Agency (CNI) in 2020 or about 6% of Catalonia’s budget in the same year. Furthermore, this sum is equivalent to about 8,000 times the average annual income per capita in Spain in 2020.

In conclusion comparison

This comparison highlights that Pegasus represents a significant expense for its users, funds that could have been allocated to other purposes or needs. Moreover, it emphasizes the disproportionate nature of Pegasus costs concerning its victims, often ordinary citizens or government employees.

Assessing the cost of Pegasus with certainty is challenging because it depends on several factors, such as the number of phones targeted, the duration of surveillance, and the type of contract NSO Group signed. To obtain a clearer and more comprehensive view of the cost and scope of Pegasus use, access to NSO Group’s and its clients’ internal data would be necessary.

Statistics on Pegasus: a glimpse into the scale and diversity of Pegasus espionage

NSO Group, an Israeli company specialized in cyber-surveillance, developed Pegasus, a spyware. Pegasus can infect smartphones and access their data, such as messages, photos, contacts, and location. Pegasus can also activate the microphone and camera of the phone, turning it into a spying tool.

But who are the victims of Pegasus? And how many are they? In this section, we will present some statistics based on the available data.

It is important to note that these statistics are not comprehensive, as a sample of 50,000 phone numbers selected by NSO Group’s clients as potential targets forms the basis for them. Forbidden Stories and Amnesty International obtained this sample and shared it with a consortium of media outlets that conducted an investigation. The actual number of Pegasus targets may be much higher, as NSO Group claims to have more than 60 clients in 40 countries.

According to The Guardian’s analysis of the sample:

  • More than 1,000 individuals in 50 different countries have been confirmed as successfully infected with Pegasus.
  • Over 600 politicians and government officials, including heads of state, prime ministers, and cabinet ministers, were identified as potential targets.
  • More than 180 journalists working for prominent media outlets like CNN, The New York Times, Al Jazeera, or Le Monde were selected as potential targets.
  • Over 85 human rights activists, including members of organizations like Amnesty International and Human Rights Watch, were identified as potential targets.

According to Le Monde’s analysis of the same sample:

  • Morocco selected more than 15,000 individuals as potential targets between 2017 and 2019.
  • Mexico selected over 10,000 potential targets between 2016 and 2017.
  • Saudi Arabia selected more than 1,400 potential targets between 2016 and 2019.
  • India selected over 800 potential targets between 2017 and 2019.

Here is a summary table of the key findings from both sources:

Data Source Key Findings
The Guardian (Sample of 50,000 Numbers) Over:

  • 1,000 infections in 50 countries
  • 600 politicians and government officials targeted
  • 180 journalists selected as potential targets
  • 85 human rights activists identified as potential targets
Le Monde (Sample of 50,000 Numbers) Over:

  • 15,000 potential targets in Morocco (2017-2019)
  • 10,000 potential targets in Mexico (2016-2017)
  • 1,400 potential targets in Saudi Arabia (2016-2019)
  • 800 potential targets in India (2017-2019)

These statistics reveal Pegasus surveillance’s extensive reach and diversity, affecting a wide range of individuals and countries with varying motivations and interests. Moreover, they show that Pegasus surveillance has been ongoing for several years without anyone detecting or stopping it.

In conclusion, these statistics provide a glimpse into the scale and diversity of Pegasus espionage. However, they are not exhaustive and may not fully reflect the true extent of Pegasus surveillance. To have a clearer and more complete picture of the victims and the consequences of Pegasus, access to the internal data of NSO Group and its clients would be necessary.

Pegasus Datasheet: a summary of the features and capabilities of Pegasus spyware

Pegasus is a spyware developed by the Israeli company NSO Group, designed for remote monitoring of mobile phone activities. Pegasus can infect smartphones and access their data, such as messages, calls, contacts, photos, videos, location, microphone, and camera. Pegasus can also control some functions of the phone, such as enabling or disabling Wi-Fi, Bluetooth, and more. Pegasus can infect phones through different methods, such as malicious link delivery or the insidious “zero-click” technique, which does not require any user interaction. The duration and frequency of Pegasus surveillance depend on the contract signed with NSO Group, which can vary from client to client.

Below is a datasheet detailing Pegasus, including price estimates and periodicity:

CHARACTERISTIC VALUE ATTACK VECTOR
Name Pegasus  
Developer NSO Group  
Type Spyware  
Function Remote monitoring of mobile phone activities  
Infection Method Malicious link delivery or the insidious “zero-click” technique Email, SMS, Web Browsing, WhatsApp, Zero-Click
Data Access Messages, calls, contacts, photos, videos, location, microphone, camera  
Function Access Capable of enabling/disabling Wi-Fi, Bluetooth, and more  
Periodicity Varied, dependent on contract duration and frequency of updates  
Price Estimate $7 to $20 million per year for 50 to 100 smartphones

Assessing the Pegasus Threat Level After Security Updates and Utilizing Anti-Pegasus Tools

Pegasus is a spyware that exploits security flaws in the operating systems of phones, such as iOS or Android. To reduce the level of threat of Pegasus, one of the ways is to update and patch these operating systems regularly, to fix the vulnerabilities that Pegasus can use.

How security updates can protect the devices from Pegasus

In September 2021, Apple released iOS 14.8 and macOS 11.6 as security updates to protect its devices from the zero-click exploit used by Pegasus. Citizen Lab discovered this exploit, called FORCEDENTRY, in August 2021. FORCEDENTRY allowed Pegasus to infect iPhones without any user interaction. Apple urged its users to install the updates as soon as possible to protect themselves from Pegasus.

Google also released security updates for Android devices in August 2021, according to Linternaute. These updates fixed several vulnerabilities that Pegasus or other spyware could exploit. Google did not specify if these vulnerabilities were related to Pegasus, but it advised its users to update their devices regularly to ensure their security.

However, updating and patching the operating systems may not be enough to prevent or detect Pegasus infections. Pegasus can adapt to security updates and use new exploits that security experts have not yet discovered or fixed.

Advanced Detection and Protection Against Pegasus Spyware

In the ongoing effort to combat the sophisticated Pegasus spyware, cybersecurity experts have developed advanced tools and methods to detect and neutralize such threats. Kaspersky, a leader in global cybersecurity, has recently unveiled a groundbreaking approach that enhances our capability to identify and mitigate the impact of iOS spyware including Pegasus, as well as newer threats like Reign and Predator.

Kaspersky’s Innovative Detection Method

Leveraging the untapped potential of forensic artifacts, Kaspersky’s Global Research and Analysis Team (GReAT) has introduced a lightweight yet powerful method to detect signs of sophisticated spyware infections. By analyzing the Shutdown.log found within the iOS sysdiagnose archive, researchers can now identify anomalies indicative of a Pegasus infection, such as unusual “sticky” processes. This method provides a minimally intrusive, resource-efficient way to pinpoint potential spyware compromises.

Empowering Users with Self-Check Capabilities

To democratize the fight against spyware, Kaspersky has developed a self-check tool available to the public. This utility, based on Python3 scripts, allows users to independently extract, analyze, and interpret data from the Shutdown.log file. Compatible with macOS, Windows, and Linux, this tool offers a practical solution for users to assess their devices’ integrity.

Comprehensive User Protection Strategies

Beyond detection, protecting devices from sophisticated spyware demands a multifaceted approach. Kaspersky recommends several proactive measures to enhance device security:

  • Reboot Daily: Regular reboots can disrupt the persistence mechanisms of spyware like Pegasus, which often relies on zero-click vulnerabilities for infection.
  • Enable Lockdown Mode: Apple’s Lockdown Mode has shown effectiveness in thwarting malware infections by minimizing the attack surface available to potential exploiters.
  • Disable iMessage and Facetime: Given their popularity as vectors for exploitation, disabling these services can significantly reduce the risk of infection.
  • Stay Updated: Promptly installing the latest iOS updates ensures that known vulnerabilities are patched, closing off avenues for spyware exploitation.
  • Exercise Caution with Links: Avoid clicking on unsolicited links, a common method for delivering spyware through social engineering tactics.
  • Regular Checks: Utilizing tools like MVT (Mobile Verification Toolkit) and Kaspersky’s utilities to analyze backups and sysdiagnose archives can aid in early detection of malware.

By integrating these practices, users can significantly bolster their defenses against the most advanced spyware, reducing the likelihood of successful infiltration and ensuring greater digital security and privacy.

Technological Innovations in Spyware Defense: The Case of DataShielder NFC HSM

As nations grapple with policy measures to regulate the use of commercial spyware, technological innovators like Freemindtronic are stepping up to offer robust defenses for individuals against invasive tools like Pegasus. The DataShielder NFC HSM Defense, equipped with EviCore NFC HSM technology, represents a leap forward in personal cybersecurity, offering a suite of features designed to safeguard data and communications from sophisticated spyware threats.

DataShielder NFC HSM: A Closer Look

DataShielder NFC HSM Defense utilizes contactless encryption and segmented key authentication, securely stored within an NFC HSM, to protect users’ digital lives. This groundbreaking approach ensures that secret keys, the cornerstone of digital security, remain out of reach from spyware, thus maintaining the confidentiality and integrity of sensitive information across various communication protocols.

DataShielder NFC HSM Defense: a solution against spyware

Another technology can help users protect themselves from Pegasus and other spyware. This is DataShielder NFC HSM Defense with EviCore NFC HSM, a solution that effectively fights against applications and spyware such as Pegasus. It is an alternative that secures contactless encryption and segmented key authentication system stored encrypted in NFC HSM. Thus, the secret keys are physically externalized and not accessible to the spyware. DataShielder NFC HSM Defense with EviCypher NFC HSM encrypts all types of sensitive data without ever logging the data unencrypted. The user can encrypt all types of data from his contactless phone in volatile memory, including Email, SMS, MMS, RCS, Chat, all messaging in general, all types of messaging, including satellite, without ever saving his texts unencrypted. DataShielder NFC HSM also works in air gap as well as on all types of NFC, Wifi, Bluetooth, Lan, Wan, Camera communication protocols that it encrypts end-to-end from NFC HSM

DataShielder NFC HSM Defense: additional features

In the Defense version of DataShielder NFC HSM, it integrates EviCall NFC HSM technology, which allows users to physically outsource phone contacts and make calls by automatically erasing the call histories of the phone, including encrypted and unencrypted SMS linked to that call number.

DataShielder NFC HSM also includes Evipass NFC HSM contactless password manager technology. It is therefore compatible with EviCore NFC HSM Browser Extension technology. In particular, it carries out all types of autofill and autologin operations. Thus, DataShielder NFC HSM not only allows you to connect by autofilling the traditional login and password identification fields on the phone, whether through applications or online accounts. But also also and on the types of online accounts (lan and wan), applications, software. DataShielder NFC HSM Defense also includes EviKeyboard BLE technology which also extends the use of keys greater than 256 bit. This virtual Bluetooth keyboard allows you to authenticate on the command line, on all types of home automation, electronic, motherboard bios, TMP2.0 key, which accepts the connection of a keyboard on a USB port. All these operations are end-to-end encrypted from NFC HSM up to more than 50 meters away via Bluetooth encrypted in AES-128.

To encrypt sensitive data from their phone, the user will do it from their secret keys only stored in their NFC HSM. They can also do it from their computer using the NFC HSM. This is possible thanks to the interoperability and backward compatibility of the DataShielder NFC HSM Defense ecosystem, which works independently but is interoperable on all Android computer and telephone systems with NFC technology. For example, users can encrypt files, photos, videos, and audio on their phones without ever exposing them to security breaches on the phone or computer.

This is the EviCypher NFC HSM technology dedicated to the encryption and management of AES 256 and RSA 4096 encryption keys.

Similarly, DataShielder also includes EviOTP NFC HSM technology, also in DataShielder NFC HSM Defense, which secures and manages OTP (TOTP and HOTP) secret keys.

Here are all the links : EviPass NFC HSMEviOTP NFC HSMEviCypher NFC HSMEviCall NFC HSM, EviKeyboard BLE

DataShielder NFC HSM Defense vs Pegasus: a comparison table

Data Pegasus DataShielder NFC HSM Defense
Messages, chats Can read and record them unencrypted Encrypts them end-to-end with keys physically externalized in the NFC HSM
Phone contacts Can access and modify them Externalizes and encrypts them in the NFC HSM
Emails Can intercept and read them Encrypts them with the OpenPGP protocol and signs them with the NFC HSM
Photos Can access and copy them Encrypts them with the NFC HSM and stores them in a secure space
Videos Can watch and record them Encrypts them with the NFC HSM and stores them in a secure space
Encrypted messages scanned from the camera Can decrypt them if he has access to the encryption key Encrypts them with the NFC HSM and does not leave any trace of the encryption key
Conversation histories from contacts stored in the NFC HSM Can access and analyze them Erases them automatically after each call or message
Usernames and passwords Can steal and use them Externalizes and encrypts them in the NFC HSM with EviPass technology
Secret keys of OTP Can compromise and impersonate them Externalizes them physically in the NFC HSM with EviOTP technology

Bridging the Gap Between Technology and Privacy

In an era where spyware like Pegasus poses unprecedented threats to personal privacy and security, solutions like DataShielder NFC HSM Defense emerge as essential tools in the individual’s cybersecurity arsenal. By leveraging such technologies, users can significantly mitigate the risk of spyware infections, reinforcing the sanctity of digital privacy in the face of evolving surveillance tactics.

The level of threat of Pegasus in different cases

The level of threat of Pegasus depends on many factors, such as the type and version of the operating system, the frequency and quality of the updates and patches, the availability and effectiveness of the tools, and the behavior and awareness of the users. It is therefore difficult to measure it precisely or universally, as it may vary according to different scenarios and situations.

However, we can try to give some estimates or ranges of levels, based on assumptions or approximations. For example, we can use a scale from 1 (lowest) to 10 (highest) to indicate how likely it is for a device to be infected by Pegasus in different cases:

Case Level of threat
A device with an outdated operating system that has not been updated for a long time 9/10
A device with an updated operating system that has been patched recently 5/10
A device with an updated operating system that has been patched recently and uses antivirus software 3/10
A device with an updated operating system that has been patched recently and uses antivirus software and VPN software 2/10
A device with an updated operating system that has been patched recently and uses antivirus software, VPN software, and anti-spyware software 1/10
A device with an updated operating system that has been patched recently and uses DataShielder NFC HSM 0/10

Latest affairs related to Pegasus

Since the revelations of Forbidden Stories and Amnesty International in July 2021, several new developments have occurred in relation to Pegasus spying. Here are some of them:

  • October 2023, The former head of the Spanish intelligence services has been charged with spying on the regional president of Catalonia, Pere Aragonès, using the Pegasus software, the Spanish justice announced on Monday. Paz Esteban, who was dismissed last year by the government of Pedro Sánchez after the scandal broke out, has been summoned by the Barcelona judge in charge of the case on December 131. The judge said that the facts reported by the moderate separatist leader have the “characteristics” of “possible criminal offenses such as illegal wiretapping and computer espionage
  • In October 2021, Paz Esteban López, the former head of CNI, was charged with crimes against privacy and misuse of public funds for allegedly ordering the spying on Catalan politicians with Pegasus. She is the first high-ranking official to face legal consequences for using Pegasus in Spain.
  • In September 2021, NSO Group announced that it was temporarily suspending its services to several government clients after being accused of facilitating human rights abuses with Pegasus. The company did not specify which clients were affected by this decision.
  • In August 2021, Apple released an urgent security update for its devices after discovering a zero-click exploit that allowed Pegasus to infect iPhones without any user interaction. The exploit, called FORCEDENTRY, was used by NSO Group to target activists, journalists and lawyers around the world. Apple urged its users to install the update as soon as possible to protect themselves from Pegasus.
  • In July 2021, the French government launched an investigation into the alleged spying on President Emmanuel Macron and other senior officials by Morocco using Pegasus. Morocco denied any involvement in the spying and sued Amnesty International and Forbidden Stories for defamation. France also summoned the Israeli ambassador to Paris to demand explanations about NSO Group’s activities.
  • In July 2021, the Israeli government formed a task force to review the allegations against NSO Group and its export licenses. The task force included representatives from the defense, justice and foreign ministries, as well as from the Mossad and the Shin Bet. The task force was expected to report its findings within a few weeks.

These developments show that Pegasus spying has triggered legal, diplomatic and political reactions in different countries. They also show that Pegasus spying has exposed the vulnerabilities and the challenges of cybersecurity in the digital age.

International Policy Measures Against Spyware Misuse

In a landmark move reflecting growing global concern over the misuse of commercial spyware, the United States announced in February 2024 its decision to impose visa restrictions on individuals involved in the abuse of such technologies. This policy, aimed at curbing the proliferation of weapons-grade commercial spyware like Pegasus, marks a significant stride in international efforts to safeguard against digital espionage threats to national security, privacy, and human rights.

The US Stance on Spyware Regulation

The Biden administration’s policy will potentially impact major US allies, including Israel, India, Jordan, and Hungary, underscoring the administration’s commitment to countering the misuse of spyware. This comes on the heels of earlier measures, such as placing Israel’s NSO Group on a commerce department blacklist and prohibiting the US government’s use of commercial spyware, signaling a robust stance against the unregulated spread of spyware technologies.

Global Implications and Diplomatic Efforts

Secretary of State Antony Blinken’s statement linking the misuse of spyware to severe human rights violations highlights the gravity with which the US views the global spyware issue. The policy introduces a mechanism for enforcing visa restrictions on those believed to be involved in or benefiting from the misuse of spyware, sending a strong message about the US’s intolerance for such practices.

A Step Towards Greater Accountability

By targeting individuals involved in the surveillance, harassment, and intimidation of journalists, activists, and dissenters, the US aims to foster a more accountable and ethical global spyware industry. This visa ban, applicable even to individuals from visa waiver countries, represents an “important signal” about the risks associated with the spyware sector, emphasizing the need for international cooperation in addressing these challenges.

Spyware with multiple detrimental impacts

Pegasus is not only a spyware with a high financial cost for its users, but it also entails, whether it is used legitimately or not, a human, social, political and environmental cost for its victims and society as a whole. It is difficult to precisely quantify the cost of the damages caused by the use of Pegasus due to numerous factors and variables that can vary across countries, sectors and periods. However, we can provide some rough estimates and examples to illustrate the scope and diversity of the impacts of the use of Pegasus.

Financial Cost

The financial cost of the damages inflicted by Pegasus can be measured on several fronts:

  • Cost to Victims: Individuals spied on by Pegasus may suffer direct or indirect financial losses, stemming from breaches of their privacy, disclosure of personal or professional information, manipulation, or theft of their financial or tax-related data. For example, a journalist might lose their job or credibility due to information revealed by Pegasus; a lawyer could lose a lawsuit or a client due to a disclosed strategy, and an activist might lose funding or security due to an exposed campaign.
  • Cost to Businesses: Companies targeted by Pegasus may face direct or indirect financial losses related to intellectual property violation, unfair competition, industrial espionage, corruption, and more. For instance, a business could lose a contract or market share because of exposed bids; its reputation and trustworthiness could suffer due to a Pegasus-related scandal, and its competitiveness and profitability could diminish from a compromised trade secret.
  • Cost to States: Nations subject to Pegasus espionage may experience direct or indirect financial losses tied to sovereignty violations, threats to national security, interference in domestic and foreign affairs, among others. An example includes a country’s stability or legitimacy being jeopardized due to a Pegasus-facilitated coup; a nation losing influence or alliances because of negotiations undermined by Pegasus; or a state’s development or environment suffering from a Pegasus-sabotaged project.

Geopolitical Cost

The geopolitical cost of Pegasus-induced damages can be measured on various fronts:

  • Cost to International Relations: The use of Pegasus by some states to spy on others can lead to diplomatic tensions, armed conflicts, economic sanctions, and cooperation ruptures. For example, the espionage of French President Emmanuel Macron by Morocco triggered a crisis between the two nations; spying on Indian Prime Minister Narendra Modi by China escalated their border dispute, and Israeli espionage of Iranian President Hassan Rouhani compromised the nuclear agreement between the two countries.
  • Cost to International Organizations: Pegasus’ deployment by certain states to spy on international organizations can result in violations of international law, human rights abuses, and hindrances to multilateralism. For instance, spying on UN Secretary-General Antonio Guterres by the United States undermined the organization’s independence and impartiality. Similarly, espionage targeting the International Criminal Court by Israel threatened international justice and peace, while spying on the World Health Organization by China disrupted pandemic management.

Economic Cost

The economic cost of the damages caused by Pegasus can be assessed across different dimensions:

  • Cost to Economic Growth: The use of Pegasus by certain states or private actors to spy on other states or private actors can lead to market distortions, productivity losses, capital flight, and offshoring. For example, the espionage targeting the airline company Emirates by Qatar reduced its competitiveness and profitability. Similarly, spying on the oil company Petrobras by the United States triggered an economic and political crisis in Brazil. Additionally, spying on Mexico’s central bank by Venezuela facilitated money laundering and terrorism financing.
  • Cost to Innovation: The utilization of Pegasus by certain states or private actors to spy on other states or private actors can result in patent theft, counterfeiting, hacking, and cyberattacks. For instance, spying on pharmaceutical company Pfizer by China allowed the latter to replicate its COVID-19 vaccine. Simultaneously, espionage against technology giant Apple by North Korea enabled the creation of its smartphone. Furthermore, spying on space company SpaceX by Russia allowed the latter to sabotage its launches.

Human, Social, and Environmental Cost

The human, social, and environmental cost of Pegasus-induced damages can be measured across several aspects:

  • Cost to Human Rights: The use of Pegasus by certain states or private actors to spy on vulnerable individuals or groups can result in violations of the right to life, freedom, security, dignity, and more. For example, the spying on journalist Jamal Khashoggi by Saudi Arabia led to his assassination. Similarly, espionage targeting activist Edward Snowden by the United States led to his exile. Additionally, the espionage of dissident Alexei Navalny by Russia resulted in his poisoning.
  • Cost to Democracy: The deployment of Pegasus by certain states or private actors to spy on political or social actors can lead to infringements on pluralism, transparency, participation, representativeness, and more. For instance, spying on French President Emmanuel Macron by Russia attempted to influence the 2017 French presidential election. Similarly, spying on the Yellow Vest movement by Morocco aimed to weaken the French social movement in 2018. Additionally, espionage against President Joe Biden by Iran sought to infiltrate his transition team in 2020.
  • Cost to the Environment: The use of Pegasus by certain states or private actors to spy on organizations or individuals committed to environmental protection can result in damage to biodiversity, climate, natural resources, and more. For example, spying on Greenpeace by Japan hindered its efforts against whale hunting. Similarly, espionage against the WWF by Brazil facilitated deforestation in the Amazon. Additionally, the spying on climate activist Greta Thunberg by Russia aimed to discredit her climate movement.
  • Cost to Intangibles: The use of Pegasus by certain states or private actors to spy on individuals or groups with symbolic, cultural, moral, or spiritual value can result in losses of meaning, trust, hope, or faith. For instance, espionage against Pope Francis by Turkey undermined his moral and religious authority. Similarly, spying on the Dalai Lama by China compromised his spiritual and political status. Additionally, the espionage of Nelson Mandela by South Africa tarnished his historical and humanitarian legacy.

The Risk of Diplomatic Conflict Arising from Pegasus

The utilization of Pegasus by some states to spy on others can give rise to the risk of diplomatic conflict, which can have severe consequences for international peace and security. The likelihood of diplomatic conflict depends on several factors, including:

  • Intensity and Duration of Espionage: The more extensive and prolonged the espionage, the more likely it is to provoke a strong and lasting reaction from the spied-upon state.
  • Nature and Status of Targets: More important and sensitive targets are more likely to trigger a strong and immediate reaction from the spied-upon state. For instance, spying on a head of state or a minister is more serious than spying on a bureaucrat or diplomat.
  • Relationship and Context Between States: States with tense or conflictual relationships are more likely to provoke a strong and hostile reaction from the spied-upon state. For instance, espionage between rival or enemy states is more serious than espionage between allied or neutral states.

The risk of diplomatic conflict can manifest at various levels:

  • Bilateral Level: This is the most direct and frequent level, where two states clash due to espionage. Possible reactions include official protests, summoning or expelling an ambassador, breaking or freezing diplomatic relations, etc.
  • Regional Level: This level involves a state seeking support from its neighbors or regional partners to bolster its position or condemn the espionage. Possible reactions include joint declarations, collective resolutions, economic or political sanctions, etc.
  • International Level: At this level, a state calls upon international organizations or global actors to support its position or condemn the espionage. Possible reactions include referring the matter to an international court, resolutions by the UN Security Council, humanitarian or military sanctions, etc.

The risk of diplomatic conflict can have various consequences:

  • Political Consequences: It can lead to a deterioration or rupture of relations between the involved states, a loss of credibility or legitimacy on the international stage, internal political instability or crisis, etc.
  • Economic Consequences: It can result in reduced or suspended trade between the involved states, a loss of competitiveness or growth, capital flight or frozen investments, etc.
  • Social Consequences: It can lead to increased or exacerbated tensions or violence among the populations of the involved states, a loss of trust or solidarity, a rise or reinforcement of nationalism or extremism, etc.

Conclusion: Navigating the Pegasus Quagmire with Innovative Defenses

The saga of Pegasus spyware unveils a complex tableau of financial, human, social, political, and environmental ramifications. Pinpointing the exact toll it takes presents a formidable challenge, given the myriad of factors at play. Throughout this article, we’ve endeavored to shed light on the extensive impacts, offering insights and quantifications to bring clarity to this global concern.

Moreover, Pegasus not only incurs a direct cost but also sows the seeds of potential diplomatic strife, pitting states against each other in an invisible battlefield. The severity of these confrontations hinges on the espionage’s scope, the targets’ sensitivity, and the intricate web of international relations. Such conflicts, manifesting across various levels, can significantly strain political ties, disrupt economies, and fracture societies.

In this digital quagmire, the innovative counter-espionage technologies developed by Freemindtronic emerge as a beacon of hope. They offer a testament to the power of leveraging cutting-edge solutions to fortify our digital defenses against the invasive reach of spyware like Pegasus. By integrating such advanced protective measures, individuals and organizations can significantly enhance their cybersecurity posture, safeguarding their most sensitive data and communications in an increasingly surveilled world.

This piece aims to illuminate the shadowy dynamics of Pegasus spyware, drawing back the curtain on its profound implications. For those keen to explore further, we invite you to consult the sources listed below. They serve as gateways to a deeper understanding of Pegasus’s pervasive influence, the ongoing efforts to counteract its invasive reach, and the pivotal role of technologies like those from Freemindtronic in these endeavors.

In a world where digital surveillance perpetually evolves, staying informed, vigilant, and equipped with the latest in counter-espionage technology is paramount. As we navigate these challenges, let us engage in ongoing dialogue, advocate for stringent regulatory measures, and champion the development of robust cybersecurity defenses. Together, we can confront the challenges posed by Pegasus and similar technologies, safeguarding our collective privacy, security, and democratic values in the digital age.

Sources

In crafting this article, we have drawn upon a selection of reputable and verified web sources. Our sources are chosen for their commitment to presenting facts objectively and respecting the presumption of innocence.

This article has been meticulously crafted, drawing upon a diverse array of reputable and verified web sources. These sources have been selected for their unwavering commitment to factual accuracy, objective presentation, and respect for the presumption of innocence. Our investigation delves deep into the complex web of surveillance technology, focusing on the notorious Pegasus spyware developed by NSO Group and the global efforts to detect, regulate, and mitigate its invasive reach. The article sheds light on groundbreaking detection methods, international policy measures against spyware misuse, and the pressing need for enhanced cybersecurity practices.

We analyzed many sources including:

In summary

Additional references from a range of international publications provide further insights into the deployment, implications, and countermeasures associated with Pegasus spyware across various countries, including Saudi Arabia, Azerbaijan, Bahrain, Kazakhstan, Mexico, Morocco, Rwanda, Hungary, India, and the United Arab Emirates. These articles collectively highlight the global challenge posed by Pegasus, the evolving landscape of digital espionage, and the concerted efforts required to safeguard privacy and security in the digital age.

Estimating the Global Reach and Financial Implications of Pegasus Spyware

The deployment of Pegasus spyware across various nations reveals not only the extensive reach of NSO Group’s surveillance tool but also underscores the significant financial and ethical costs associated with its use. The following insights, derived from reputable news sources, offer a glimpse into the scale of Pegasus’s deployment worldwide and its impact on targeted countries:

  1. According to the French Le Monde, Saudi Arabia targeted about 15,000 phone numbers with Pegasus. The cost of one license can be as high as Rs 70 lakh. With one license, multiple smartphones can be tracked. As per past estimates of 2016, for spying on just 10 people using Pegasus, NSO Group charges a minimum of around Rs 9 crore.
  2. The American The Washington Post reported that Saudi Arabia started using Pegasus in 2018. The FBI also confirmed that it obtained NSO Group’s powerful Pegasus spyware in 2019, suggesting that it bought access to the Israeli surveillance tool to “stay abreast of emerging technologies and tradecraft”.
  3. The British The Guardian stated that Azerbaijan aimed at about 5,000 phone numbers with Pegasus. The country is among the 10 governments that have been the most aggressive in deploying the spyware against their own citizens and those of other countries.
  4. As per the American The Washington Post, Azerbaijan began using Pegasus in 2019. The country has been accused of using the spyware to target journalists, activists, and opposition figures, as well as foreign diplomats and politicians.
  5. In the case reported by the French Le Monde, Bahrain focused on about 3,000 phone numbers with Pegasus. The country has been using the spyware since 2020 to target dissidents, human rights defenders, and members of the royal family.
  6. Mentioned in the American The Washington Post, Bahrain initiated Pegasus use in 2020. The country is one of the NSO Group’s oldest customers, having signed a contract with the company in 2016.
  7. As disclosed by the British The Guardian, Kazakhstan directed attention towards approximately 1,500 phone numbers with Pegasus. The country has been using the spyware since 2021 to target journalists, activists, and opposition figures, as well as foreign diplomats and politicians.
  8. According to the American The Washington Post, Kazakhstan commenced Pegasus usage in 2021. The country is one of the newest customers of NSO Group, having signed a contract with the company in 2020.
  9. According to claims made by the Mexican Aristegui Noticias, Mexico targeted about 15,000 phone numbers with Pegasus. The country is the largest known client of NSO Group, having spent at least $61m on the spyware between 2011 and 2017.
  10. As reported by the American The Washington Post, Mexico began Pegasus use in 2020. The country has been using the spyware to target journalists, activists, lawyers, and politicians, as well as the relatives of the 43 students who disappeared in 2014.
  11. As detailed in the French Le Monde, Morocco focused on about 10,000 phone numbers with Pegasus. The country is one of the most prolific users of the spyware, having targeted journalists, activists, lawyers, and politicians, as well as foreign heads of state and government.
  12. Confirmed by the Canadian organization Citizen Lab, Morocco initiated Pegasus usage in 2016. The country is one of the oldest customers of NSO Group, having signed a contract with the company in 2014.
  13. According to findings reported by the British The Guardian, Rwanda honed in on around 3,500 phone numbers with Pegasus. The country has been using the spyware to target dissidents, journalists, and human rights defenders, as well as foreign critics and rivals.
  14. As indicated by the American The Washington Post, Rwanda started Pegasus usage in 2019. The country is one of the newest customers of NSO Group, having signed a contract with the company in 2018.
  15. In the report from the French Le Monde, Hungary aimed at about 300 phone numbers with Pegasus. The country is the only EU member state known to have used the spyware, having targeted journalists, activists, lawyers, and opposition figures.
  16. As conveyed by the Hungarian Direkt36, Hungary initiated Pegasus use in 2018. The country is one of the newest customers of NSO Group, having signed a contract with the company in 2017.
  17. As outlined in the Indian The Wire, India directed attention towards approximately 1,000 phone numbers with Pegasus. The country is one of the largest users of the spyware, having targeted journalists, activists, lawyers, and politicians, as well as the leader of the main opposition party.
  18. According to the British The Guardian, India began Pegasus use in 2019. The country is one of the newest customers of NSO Group, having signed a contract with the company in 2018.
  19. According to the information provided by the French Le Monde, the United Arab Emirates honed in on around 10,000 phone numbers with Pegasus. The country is one of the most aggressive users of the spyware, having targeted journalists, activists, lawyers, and politicians, as well as foreign heads of state and government.
  20. Confirmed by the Canadian organization Citizen Lab, the United Arab Emirates started Pegasus usage in 2016. The country is one of the oldest customers of NSO Group, having signed a contract with the company in 2013.
  21. According to the European Parliament recommendation of 15 June 2023, the EU and its Member States have been affected by the use of Pegasus and equivalent surveillance spyware, which constitutes a serious threat to the rule of law, democracy, human rights and fundamental freedoms. The recommendation calls for a global moratorium on the sale and use of such technologies until robust safeguards are established.
  22. According to the article by Malwarebytes, Pegasus spyware and how it exploited a WebP vulnerability, the spyware exploited a vulnerability in the WebP image format, which allows for lossless compression and restoration of pixels. The article explains how the attackers created specially crafted image files that caused a buffer overflow in the libwebp library, used by several programs and browsers to support the WebP format.
  23. According to the article by ZDNet, ‘Lawful intercept’ Pegasus spyware found deployed in 45 countries, the spyware has been used by government agencies across the world to conduct cross-border surveillance, violating international law and human rights. The article cites a report by Citizen Lab, which identified 45 countries where Pegasus operators may be conducting surveillance operations.
  24. According to the article by The Guardian, Experts warn of new spyware threat targeting journalists and political opponents, a new spyware with hacking capabilities comparable to Pegasus has emerged, developed by an Israeli company called Candiru. The article cites a report by Citizen Lab, which found evidence that the spyware has been used to target journalists, political opposition figures and an employee of an NGO.

WhatsApp Hacking: Prevention and Solutions

whatsapp-hacking-prevention-and-solutions-by-evicrypt-end-or-evifile-hasm-and-nfc-hsm-from-freemindtronic-andorra-technology

WhatsApp hacking by Jacques Gascuel has been updated as of September 20, 2024. This article will continue to be updated with the most recent findings, including new vulnerabilities like the “View Once” flaw and other Remote Code Execution (RCE) exploits. Stay tuned for ongoing updates on the evolving landscape of WhatsApp security and best practices to protect your data.

How to Secure WhatsApp

WhatsApp hacking is a growing concern as this popular messaging app is increasingly targeted by hackers seeking access to your personal and business data. How can you protect yourself from WhatsApp hacking, and what should you do if it happens? In this article, you’ll learn some tips and tricks to improve your WhatsApp security, as well as innovative encryption technology solutions from Freemindtronic that can significantly enhance your protection.

2024 Digital Security

Why Encrypt SMS? FBI and CISA Recommendations

2024 Digital Security

French Minister Phone Hack: Jean-Noël Barrot’s G7 Breach

2024 Digital Security

Cyberattack Exploits Backdoors: What You Need to Know

2024 Digital Security

Google Sheets Malware: The Voldemort Threat

2024 Articles Digital Security News

Russian Espionage Hacking Tools Revealed

2024 Digital Security Spying Technical News

Side-Channel Attacks via HDMI and AI: An Emerging Threat

How to Prevent and Solve WhatsApp Hacking Issues with Freemindtronic’s Solutions

WhatsApp, with over 2 billion users worldwide, remains a prime target for hackers. Despite its popularity, WhatsApp is not immune to hacking, which can severely compromise the security and privacy of your conversations. So, how can you protect your WhatsApp account from hacking, and what should you do if it gets hacked?

The Risks of WhatsApp Hacking

WhatsApp hacking can have serious consequences for victims. Hackers can gain access to all personal and sensitive information stored in the app, including messages, photos, videos, contacts, and groups. They can impersonate the victim, sending fraudulent or malicious messages to contacts. These messages can request money or trick recipients into clicking on infected links. Furthermore, hackers can spread false information or illegal content using the compromised account.

WhatsApp hacking can also impact a victim’s professional life, especially if they use the app for business communication. Hackers can access confidential data like contracts, quotes, or project details. They can also damage the victim’s reputation by sending abusive or defamatory messages to professional contacts.

The Techniques of WhatsApp Hacking

Hackers employ various techniques to breach WhatsApp accounts, including:

  • Phishing: Hackers send deceptive messages or emails that appear to be from official services like WhatsApp, Google, or Apple. These prompts encourage the victim to click on a link or provide personal information. This link usually leads to a fraudulent site designed to steal the victim’s data.
  • Voice Mail Exploitation: Hackers exploit flaws in the WhatsApp authentication process by dialing the victim’s phone number and attempting to access their WhatsApp account. If the victim’s phone is off or in airplane mode, the verification code sent via SMS or call may go to voicemail. Hackers can retrieve it using default or guessed voicemail codes.
  • QR Code Scanning: This technique takes advantage of WhatsApp Web by scanning a QR code displayed on a computer with the victim’s smartphone. A hacker can then access the WhatsApp account on their own computer.

Recent WhatsApp Vulnerabilities

In addition to these techniques, new vulnerabilities have emerged that pose significant risks to WhatsApp users:

  • Remote Code Execution Vulnerabilities: In late 2023, two critical remote code execution (RCE) vulnerabilities were discovered in WhatsApp. These vulnerabilities, identified as CVE-2023-5668 and CVE-2023-38831, allowed attackers to execute arbitrary code on a victim’s device through specially crafted video files or other exploitative methods. Although WhatsApp has since patched these vulnerabilities, they underscore the importance of keeping the app updated to avoid potential exploitation​.
  • Xenomorph Malware: The Xenomorph Android malware has evolved into a significant threat to Android users, including those using WhatsApp. This malware disguises itself as legitimate apps and can bypass multi-factor authentication to steal credentials and take over user accounts. Its capabilities include stealing data from both banking apps and cryptocurrency wallets, potentially targeting WhatsApp accounts as well​.
  • Dark Web Exploits: The demand for zero-day vulnerabilities, especially for apps like WhatsApp, has surged. These vulnerabilities are being sold for millions of dollars on the dark web, highlighting their value to hackers. Such exploits could allow attackers to bypass security measures and gain unauthorized access to user data. It is crucial to stay informed about the latest patches and updates released by WhatsApp to mitigate these risks​.

New Vulnerability Found in WhatsApp’s “View Once” Feature

WhatsApp’s “View Once” feature, designed to enhance privacy by making media disappear after just one view, has recently revealed a serious security vulnerability. Discovered by Zengo X, this flaw lets attackers bypass the feature, especially on web and desktop versions.

Vulnerability Details

While mobile devices effectively prevent screenshots and saving media, the protection doesn’t extend as well to non-mobile platforms. Zengo X researchers found that browser extensions, like those available for Chrome, can easily modify WhatsApp’s code. They disable the “View Once” flag, turning temporary messages into permanent ones. This allows attackers to save, forward, and view messages repeatedly.

Moreover, messages marked as “View Once” are sent to all devices linked to the recipient. This includes those that shouldn’t handle this feature, such as web and desktop platforms. Attackers can exploit this loophole and save media on these platforms. Additionally, these messages remain stored on WhatsApp servers for up to two weeks, increasing the risk of potential abuse.

Meta’s Response

Meta, the parent company of WhatsApp, has responded after Zengo X responsibly disclosed the flaw. Meta confirmed they are currently rolling out patches, focusing on securing web versions of WhatsApp. However, this interim measure isn’t the final fix. A more comprehensive update is expected to address the vulnerability fully.

Meta’s bug bounty program played a critical role in identifying this issue. They are working towards a full patch and encourage users to remain cautious. Specifically, Meta suggests sharing sensitive media only with trusted contacts during this period.

Ongoing Concerns

While Meta is working on a complete fix, users should remain aware of the limitations in the current “View Once” feature. The vulnerability allows attackers not only to bypass the feature but also to access low-quality media previews without downloading the entire message. Attackers can also manipulate the system by changing the “view once” flag to “false,” making the message permanent.

Security experts, like Tal Be’ery of Zengo X, have emphasized that this flaw creates a “false sense of privacy”. Users think their messages are secure when, in reality, they are vulnerable on certain platforms.

Recommendations

Until a final patch is released, users should exercise caution when using the “View Once” feature. Sharing sensitive information through the web and desktop versions of WhatsApp is risky. It’s better to send such messages only to trusted contacts.

For more in-depth details, you can read the full technical report by Zengo X here.

More Recent WhatsApp Vulnerabilities

WhatsApp has recently addressed several other serious security vulnerabilities that could put users at risk. While updates have been rolled out, these issues demonstrate why keeping WhatsApp updated is crucial.

Remote Code Execution Vulnerabilities (CVE-2022-36934 & CVE-2022-27492)

WhatsApp fixed two critical remote code execution (RCE) vulnerabilities in 2024. The first, identified as CVE-2022-36934, affected the Video Call Handler. Attackers could exploit this flaw by initiating a video call, leading to an integer overflow that let them take control of the device. The second, CVE-2022-27492, was found in the Video File Handler. It allowed attackers to execute malicious code when users opened a specially crafted video file.

These flaws impacted both iOS and Android users with WhatsApp versions prior to 2.22.16.12 for Android and 2.22.15.9 for iOS. Users are strongly advised to update their apps to protect against such risks.

Enhancing WhatsApp Security

To combat the increasing risks of hacking, WhatsApp introduced several new security features. These enhancements provide significantly stronger protection against unauthorized access and malware attacks.

Account Protect adds an extra layer of security when transferring your WhatsApp account to a new device. This feature requires confirmation from your old device, making it much harder for unauthorized users to take over your account.

Device Verification is another critical update. It prevents advanced malware attacks that attempt to hijack your WhatsApp account. By introducing automated security tokens, WhatsApp ensures that your account remains protected, even if your device is compromised.

Additionally, Automatic Security Codes streamline the verification of secure connections. WhatsApp has introduced a feature called Key Transparency, which automates this process. This ensures your conversations are secure without requiring manual intervention, offering further protection against WhatsApp hacking.

To learn more about these new security features, check out WhatsApp’s official blog post.

Enhancing WhatsApp Security with DataShielder NFC HSM, DataShielder HSM PGP, and PassCypher NFC HSM

For even greater security, especially in scenarios where your credentials might be compromised, integrating advanced hardware security modules (HSM) like DataShielder NFC HSM, DataShielder HSM PGP, or PassCypher NFC HSM can significantly fortify your defenses.

DataShielder NFC HSM securely stores and manages encryption keys on a hardware device, ensuring that even if your credentials are exposed, your encrypted data remains inaccessible. You can explore the DataShielder NFC HSM Starter Kit here.

DataShielder HSM PGP provides robust protection for your WhatsApp messages by using PGP encryption. This ensures that all communications are encrypted with strong cryptographic keys securely stored on the HSM.

PassCypher NFC HSM enhances security by generating one-time passwords (OTP) using TOTP or HOTP methods. Even if your static credentials are compromised, the dynamic passwords generated by PassCypher prevent unauthorized access. This, combined with secure key management, makes it nearly impossible for attackers to access your account. Learn more about PassCypher NFC HSM here.

These technologies add critical layers of defense, ensuring that your WhatsApp communications are protected from even the most sophisticated hacking attempts.

Preventive Measures Against WhatsApp Hacking

WhatsApp hacking can affect any user and have serious implications for both private and professional lives. Therefore, it’s crucial to adopt simple yet effective preventive measures, such as activating two-step verification, using fingerprint or face recognition, and changing your voicemail code regularly. Additionally, incorporating advanced technological solutions like those offered by Freemindtronic, such as EviCrypt, EviFile, DataShielder, and PassCypher, can further enhance your security by encrypting texts and files directly within WhatsApp, using physical origin trust criteria.

With these robust measures in place, you can greatly reduce the risk of WhatsApp hacking, ensuring that your sensitive data remains secure.

This site uses cookies to offer you a better browsing experience. By browsing this website, you agree to our use of cookies.