The political elites in Spain are nervous, to the more than fifty spied on by the National Intelligence Center (CNI), including pro-independence politicians and high-ranking officials of the judiciary, the President of Spain, Pedro Sánchez, now joins , and one of its Ministers, Margarita Robles.
Hackers have stolen at least 2,6 GB of data from Pedro Sánchez's iPhone, during the year 2021, although the sensitivity of the stolen data is unknown. A hard setback for the entities in charge of digital security in the Government of Spain, and even for Apple as the manufacturer of the devices.
What data has been stolen from Pedro Sánchez's iPhone?
According to official sources from the Government of Spain, the President's iPhone was infected with the well-known Pegasus espionage program, and in 2021 it suffered the theft of 2,6 GB of information, including around 15.000 documents and around 1.000 photographs. In a second attempt during the same year 2021, the President of Spain was the subject of a new robbery, this time only 130 MB of data was charged, probably because the government teams in charge of the digital security of the Government already knew the facts and Mr. Pedro Sánchez proceeded to give a more consistent use, in accordance with his position, to his iPhone.
The most worrying thing is the fact that around 15.000 documents have been stolen, since the iPhone only classifies as such those made using word processors or in PDF format. Everything indicates that the main source of the data is the WhatsApp instant messaging application, although official government sources do not rule out that contacts or SMS have also been leaked.
The fact that suggests that WhatsApp has been the main source of the data is that Margarita Robles, the Minister of Defense, does not use the popular instant messaging application owned by Facebook, and therefore, in his case they only managed to subtract 9 MB of data, an amount markedly lower than that of the President.
How have they hacked the President of Spain?
Pegasus is the spyware tool in charge of this data leak or hack whose latest victim was the President. Launched in 2016 by NSO Group, an Israeli company gold is being made from the sale and availability of this software, it was (in theory) only available to governments.
Secrecy hovers around Pegasus, its user interface and the details of its attack mechanisms are not known, however, according to NSO Group, Pegasus only needs a phone number and will be in charge of carrying out attacks constantly, taking advantage of not only the vulnerabilities of the operating systems available on the market, attacking iOS or Android indistinctly, but also It also focuses on the possible doors opened by the different applications installed on the smartphone, such as WhatsApp.
The most common way of entering Pegasus on mobile devices is precisely taking advantage of different SMS with the model phisingWhile iMessage and WhatsApp also suffer from numerous vulnerabilities.
In the case of WhatsApp, for example, the spyware enters the device through a call through the application, in fact, it is not even necessary for the user to pick up the call, which is a real outrage in terms of security and privacy.
Pegasus takes advantage of its constant evolution and growth. Once the device is infected, the attackers take remote control of the terminals and obtain all the necessary information, in fact they can even record and filter phone calls, as happened to Jeff Bezzos, the richest man in the world and owner of Amazon.
According to NSO Group, this tool is only available to governments, despite this, official sources indicate that the infection suffered by Pedro Sánchez is due to an external agent.
We make our tool available to governments in order to prevent terrorist attacks, dismantle pedophile, sex and drug trafficking networks, locate missing and kidnapped children, locate survivors trapped under collapsed buildings and protect airspace against disruptive penetration of dangerous drones
However, there are 63 and the different personalities between politicians and judges spied on with Pegasus in Spain during the year 2021.
Is the iPhone safer against Pegasus?
As you well know, the Spanish Government decides to constantly renew its range of technological devices and members of the Congress of Deputies all use iPhone, iPad and Mac courtesy of all contributors.
Although this news has been popularized especially by having an iPhone involved, the reality is that the iPhone is not more secure than the rest of the devices in terms of Pegasus, This is not the case with the rest of the external agents, who find a security plus in the iPhone compared to Android. Meanwhile, Pegasus uses various access methods such as phishing, unverified WiFi networks or WhatsApp vulnerabilities, something that Apple cannot fight through its own operating system.
The same Emmanuel Macron, President of the French Republic, was targeted by Pegasus spyware during the year 2017 through his personal phone, another iPhone. More controversial were the cases of Cecilio Pineda and Jamal Khashoggi, journalists whose devices were infected with Pegasus and later died under mysterious circumstances.
Ordinary citizens do not take the security of our mobile devices seriously enough, that is evidence, however, it is to be hoped that the high officials and representative entities of our country do put a little more effort into protecting their privacy given the sensitivity of the information they handle. However, this does not seem to happen, and accessing the phone of Pedro Sánchez or Jeff Bezos is not more difficult than hacking the iPhone of your neighbor Paco.
I only have a real curiosity regarding the hacking of Pedro Sánchez... What will be the president's favorite stickers on WhatsApp?