Finnish diplomats’ phones infected with NSO Group Pegasus spyware

Although I&#x27;m certainly no celebrity &#x2F; important likely target of hackers, I&#x27;m interested in this just because recently I&#x27;ve gotten paranoid about my financial accounts (after a company I used to work for finally went public and I was fortunate to cash out an amount of $).<p>When hackers use such exploits, do they then basically have something like remote control over your phone, and can start exfiltrating data &#x2F; manipulating apps while you&#x27;re not paying attention? Or what do they do with it then? Are you able to tell, by seeing your phone slow down or start to have unexplained screen behaviors? Suppose that I&#x27;m logged into my Google apps on my phone, does that mean they have access to all my gmail, google docs, etc. as well?<p>Do these kinds of exploits also exist&#x2F;get used to target people on their laptops and desktop machines as well? Or is that a little less likely, since your phone is specifically identified with you and people can easily go after your known phone number?<p>I wonder if there is some resource where people can read about how to detect and avoid such exploits and protect against them?

NSO is just the one that sells a fully weaponized product but many companies out there are capable of selling you exploits with similar capabilities. Like Zerodium,Immunity Inc etc etc

I propose that any article like this don&#x27;t refer to it as &quot;NSO spyware&quot;, but instead refer to it as &quot;Israeli spyware&quot;.<p>The reality is that while NSO Group is a private company, it has deep links to the Israeli government and generally doesn&#x27;t allow it&#x27;s services to be used against the interests of the Israeli state.<p>Hiding behind a corporate name to maintain Israel&#x27;s reputation in international media isn&#x27;t really okay.

These articles are kinda pointless. Every diplomat knows the score right now. Every state worth talking about is in whatever phone they want to be in. This is why the Russian ambassador memorizes code words in order to communicate with Moscow. People have basically given up trying to keep vital secrets over a phone.

What about patching the vulnerabilities rather than running around with anger? We can sue the hell out of them and convince the Israeli government to ban them altogether but this is obviously doomed to repeat, somebody will inevitably take the place sooner or later, legally or illegally.

I think it would be good hygiene to completely reset phones every year or half-year. Now, if it were common practice, I guess the exploits would get around that too (or they already do?)

When are governments going to finally realize that voice calls, text, and maybe plaintext email are enough for work phones?<p>Is playing Candy Crush on your work phone really a mission-critical cyberpriority?<p>All the high-security executive&#x2F;legislative people (at least in the US) have two phones: the personal phone and the work phone. Whoever made the decision for the work phones to be &quot;smart&quot; needs to be fired. The old dumb Blackberries could easily be resurrected if a government-sized buyer committed to a purchase.

Recent thread: <a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=30118276" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=30118276</a> (9 comments)

How does it get installed? I&#x27;m imagining some spy stealing the phone and installing it.

This is ridiculous. Hacking by these groups needs to Finnish.