By William Turton, Ryan Gallagher, and Kartikay Mehrotra
威廉·特顿(William Turton),瑞安·加拉格尔(Ryan Gallagher)和卡尔蒂·梅赫罗(Kartikay Mehrotra)
Researchers still aren’t sure exactly what infected the billionaire’s handheld. Tasked with diagnosing a suspected cyberattack on an iPhone owned by Amazon.com Chief Executive Officer Jeff Bezos, forensics experts detected a massive spike in data being siphoned from the device hours after he received a WhatsApp message from a Saudi royal. Yet the malware behind the hack remains a mystery.
研究人员仍然不确定到底是什么感染了亿万富翁的掌上电脑。 法医专家的任务是诊断亚马逊网站首席执行官杰夫·贝佐斯(Jeff Bezos)拥有的iPhone上的可疑网络攻击,他在收到沙特王室的WhatsApp消息后数小时,发现设备中的数据被大量窃取。 然而,黑客攻击背后的恶意软件仍然是个谜。
What’s clear, though, is that Bezos was hit by a potent combination: advanced code, capable of grabbing gobs of information quickly, along with an encrypted delivery system that helped it evade detection. Over the last decade, spyware has gained wider acceptance, become more lucrative and, when transmitted via encryption, increasingly effective. It has evolved from a surveillance tool available for download on the dark web, often by consumers seeking to pry into a partner’s private life, into a pricey product passed off as a way for law enforcement to root out illegal behavior. The market for mobile surveillance technology is valued at about $12 billion and remains less than 10% penetrated, according to Moody’s.
不过,显而易见的是,贝索斯受到了有效组合的打击:高级代码,能够Swift捕获大量信息的高级代码以及有助于逃避检测的加密传输系统。 在过去的十年中,间谍软件获得了越来越广泛的接受,并变得更加有利可图,并且在通过加密进行传输时,间谍软件越来越有效。 它已从可在暗网上下载的监视工具演变成一种昂贵的产品,该产品可通过暗网下载,消费者通常试图窥探伴侣的私生活,以作为执法部门根除非法行为的手段。 穆迪表示,移动监控技术市场的价值约为120亿美元,渗透率仍不到10%。
The alleged attack on Bezos would be one of the most high-profile examples of spyware being used by government officials against an individual, and it has elicited calls for greater regulation of the industry. The two United Nations experts — Agnes Callamard, UN special rapporteur on summary executions and extrajudicial killings, and David Kaye, UN special rapporteur on freedom of expression — said they want a moratorium on the sale and transfer of surveillance technology from private companies. They also called the allegations involving Bezos’s phone “a concrete example of the harms that result from the unconstrained marketing, sale and use of spyware.”
所谓的对贝佐斯的攻击将是政府官员针对个人使用的间谍软件最引人注目的例子之一,并引发了对行业进行更严格监管的呼吁。 两名联合国专家-联合国即决处决和法外处决特别报告员艾格尼丝·卡拉玛德和联合国言论自由特别报告员戴维·凯伊说,他们希望暂停私营公司出售和转让监视技术。 他们还称涉及Bezos手机的指控“是间谍软件不受限制的营销,销售和使用造成的危害的具体例子。”
“Surveillance through digital means must be subjected to the most rigorous control, including by judicial authorities and national and international export control regimes, to protect against the ease of its abuse,” they wrote in a report released Wednesday.
他们在周三发布的一份报告中写道:“通过数字手段进行的监视必须受到最严格的控制,包括受到司法当局以及国家和国际出口控制制度的控制,以防止其易于滥用。”
The UN experts and the forensic analysis of Bezos’s mobile phone, which was published by Vice, identified two electronic surveillance companies that could have developed the technology used to execute the hack. Israel’s NSO Group and Italy’s Hacking Team both sold products to Saudi officials before the 2018 attack, according to FTI Consulting Inc., which did the analysis. Saudi Arabia spent $55 million in 2017 for NSO’s Pegasus software, the Israeli newspaper Haaretz reported in November.
由Vice 出版的联合国专家和对Bezos手机的法医分析确定了两家电子监视公司,它们可能已经开发了用于执行黑客攻击的技术。 据进行分析的FTI咨询公司称,以色列的NSO集团和意大利的黑客团队都在2018年袭击发生之前向沙特官员出售了产品。 以色列报纸《 Haaretz》 11月报道 ,沙特阿拉伯在2017年为NSO的Pegasus软件花费了5500万美元。
Hacking Team didn’t respond to requests for comment, and NSO denied involvement in the attack.
黑客小组未回应置评请求,NSO拒绝参与攻击。
“Our technology was not used in this instance; we know this because of how our software works and our technology cannot be used on U.S. phone numbers,” the company said in a statement, while declining to say whether it has done business with Saudi Arabia. “Our products are only used to investigate terror and serious crime.”
“在这种情况下未使用我们的技术; 我们之所以知道这一点,是因为我们的软件是如何工作的,我们的技术不能在美国电话号码上使用,”该公司在一份声明中说,同时拒绝透露是否与沙特阿拉伯有业务往来。 “我们的产品仅用于调查恐怖和严重犯罪。”
As the industry has grown in profitability, so has its reputation as a clean and credible business, said Jack Cable, an independent security researcher and a student at Stanford University. Even so, software makers can’t guarantee that their products won’t be used for ill intent, he said.
斯坦福大学(Stanford University)的学生,独立安全研究人员杰克·凯布尔(Jack Cable)表示,随着该行业盈利能力的提高,其作为清洁,可信企业的声誉也随之提高。 他说,即便如此,软件制造商也不能保证不会将其产品用于恶意。
“We need look no further than the advertising of companies like NSO Group to see that they sell themselves as protecting human rights for their exploit services,” Cable said. At the same time their products have been employed by authoritarian governments accused of human rights abuses.
“我们只需要像NSO Group这样的公司的广告就可以看到他们以保护自己的剥削服务为人权而卖掉自己,” Cable说。 同时,他们的产品已被指控侵犯人权的专制政府使用。
Spyware is essentially a type of malware that is unwittingly loaded on the device and then takes over.
间谍软件本质上是一种恶意软件,它会不经意间加载到设备上,然后接管。
Once it’s installed, spyware like NSO’s Pegasus can begin sending back the phone user’s private data, including passwords, contact lists, calendar events, text messages and live voice calls from mobile messaging apps, according to the Pegasus manual. In some cases, the operator of the spyware can use the phone’s camera or microphone to take photographs or record audio without the target’s knowledge.
根据Pegasus 手册 ,安装完成后,诸如NSO的Pegasus之类的间谍软件就可以开始发送回手机用户的私人数据,包括密码,联系人列表,日历事件,短信和来自移动消息应用程序的实时语音呼叫。 在某些情况下,间谍软件的操作员可以在目标不知情的情况下使用手机的相机或麦克风拍摄照片或录制音频。
On its website, NSO Group notes that terrorists, drug traffickers, pedophiles and other criminals have access to advanced technology that makes them harder to monitor and track. “NSO Group develops best-in-class technology to help government agencies detect and prevent a wide-range of local and global threats.”
NSO Group在其网站上指出,恐怖分子,贩毒者,恋童癖者和其他罪犯可以使用先进的技术,从而使其难以监控和追踪。 “ NSO Group开发了一流的技术,以帮助政府机构发现并防止各种本地和全球威胁。”
Milan-based Hacking Team, founded in 2003, has sold surveillance technology to law enforcement and intelligence agencies in dozens of countries, according to company documents. Hacking Team promotional materials describe how the company’s technology — its flagship system is called “Galileo” — was designed to gain access to people’s Skype calls, social media messages, mobile phone locations, text messages and other data. The company said in a video posted online that the technology could be “deployed all over your country” and could hack devices belonging to “hundreds of thousands of targets.”
根据公司文件,总部位于米兰的Hacking Team成立于2003年,已将监视技术卖给了数十个国家的执法和情报机构。 黑客团队的宣传材料描述了公司的技术(其旗舰系统称为“伽利略”)如何设计用于访问人们的Skype呼叫,社交媒体消息,手机位置,短信和其他数据。 该公司在网上发布的视频中说,该技术可能“在整个国家部署”,并且可能会入侵属于“数十万个目标”的设备。
There is a constant cat-and-mouse game played between spyware developers and the companies responsible for mobile operating systems and applications. When a new spyware tool is discovered, developers from companies like Apple Inc. and Facebook Inc. work to release a software patch that blocks the tool from working. Then the surveillance manufacturers will work to upgrade their tools to bypass the latest security updates.
间谍软件开发人员与负责移动操作系统和应用程序的公司之间经常玩猫捉老鼠的游戏。 当发现新的间谍软件工具时,Apple Inc.和Facebook Inc.等公司的开发人员将努力发布阻止该工具运行的软件补丁。 然后,监视制造商将努力升级其工具,以绕过最新的安全更新。
In recent years, however, there have been a number of cases in which spyware has been used to hack the phones or computers of journalists, activists, politicians and ordinary civilians.
但是,近年来,在许多情况下,间谍软件已被用来入侵记者,活动家,政治人物和平民的电话或计算机。
Activists and researchers say they have identified over 100 cases where NSO Group’s technology has been abused to target dissidents, lawyers and enemies of oppressive regimes. WhatsApp and its parent company, Facebook, sued NSO Group in October alleging that the Israeli company used malware to hack into the mobile phones of 1,400 people and conduct surveillance. NSO group disputed the allegations and vowed to fight them vigorously.
活动家和研究人员说,他们已经发现了100多个 NSO Group的技术被滥用来针对持不同政见者,律师和压迫政权的敌人的案件 。 WhatsApp及其母公司Facebook在10月起诉 NSO Group,指控这家以色列公司使用恶意软件入侵了1,400人的手机并进行了监视。 NSO小组对此指控提出异议,并发誓要与之抗争。
Amnesty International is supporting a lawsuit in Tel Aviv court against the Israeli Ministry of Defense seeking revocation of NSO’s export license. The lawsuit was filed in May 2019 by a group of non-profit groups claiming NSO’s technology prioritizes profit over human rights.
国际特赦组织支持在特拉维夫法院提起诉讼,要求以色列国防部撤销NSO的出口许可证。 该诉讼是由一组非营利组织于2019年5月提起的,他们声称NSO的技术将利润置于人权之上。
From 2017 to 2019, NSO Group’s technology was linked to hacks on a British lawyer, a Canada-based Saudi dissident, and multiple U.S. citizens.
从2017年到2019年,NSO Group的技术与对英国律师,加拿大沙特异议人士和多名美国公民的黑客攻击有关。
In 2012, Ahmed Mansoor, a prominent human rights advocate in the United Arab Emirates was targeted with spyware produced by Italy’s Hacking Team. Since then, similar cases have been reported in countries including Morocco, Egypt and Bahrain.
在2012年,艾哈迈德·曼苏尔,一位著名的人权在阿拉伯联合酋长国主张是有针对性的与意大利队黑客间谍软件制作。 从那时起, 摩洛哥 , 埃及和巴林等国都报道了类似的案件。
Meanwhile, in Italy, prosecutors are currently probing a company named eSurv, whose employees developed spyware for law enforcement agencies, but then allegedly used the technology to hack the phones of hundreds of innocent Italians.
同时,在意大利,检察官目前正在调查一家名为eSurv的公司,该公司的员工为执法机构开发了间谍软件,但随后据称使用该技术入侵了数百名无辜意大利人的电话。
And the work on Bezos’s phone aimed at getting to the bottom of the hack, FTI says, is still under way.
FTI说,旨在深入探究黑客行为的贝索斯手机的工作仍在进行中。
扫一扫
702
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
