This briefing will take an in-depth look at the technical capabilities of mobile attacks that are being leveraged against real targets for the purpose of espionage. We will focus on Pegasus, a lawful intercept product, and the features and exploit chain it used. We will describe how we discovered and tracked the developer’s infrastructure prior to the attack, and how we later caught a sample of the elusive malcode being used against a prominent human rights defender.
by Andrew Blaich, Max Bazaliy, Seth Hardy
Full Abstract: https://www.blackhat.com/eu-16/briefings/schedule/#mobile-espionage-in-the-wild-pegasus-and-nation-state-level-attacks-5127