Forensics Analysis of the NSO Group’s Pegasus Spyware
Common Information
| Type | Value |
|---|---|
| UUID | e7dc13fe-0152-49ff-b4f2-7bf8fd9430c5 |
| Fingerprint | e8a019df09b549b1 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Jan. 12, 2022, 5:01 a.m. |
| Added to db | Sept. 26, 2022, 9:34 a.m. |
| Last updated | Nov. 17, 2024, 7:44 p.m. |
| Headline | Forensics Analysis of the NSO Group’s Pegasus Spyware |
| Title | Forensics Analysis of the NSO Group’s Pegasus Spyware |
| Detected Hints/Tags/Attributes | 40/2/22 |
Attributes
| Type | #Events | CTI Value | Attribute |
|---|---|---|---|
| CVE | 16 | | cve-2021-30860 |
| Domain | 359 | | com.apple |
| Domain | 67 | | citizenlab.ca |
| Domain | 36 | | googleprojectzero.blogspot.com |
| Domain | 4127 | | github.com |
| File | 4 | | datausage.sql |
| File | 4 | | idstatuscache.pl |
| File | 4 | | netusage.sql |
| File | 7 | | cache.db |
| File | 3 | | a-deep-dive-into-nso-zero-click.html |
| File | 1 | | analyzing-pegasus-spywares-zero-click-iphone-exploit-forcedentry.html |
| Github username | 4 | | mvt-project |
| Github username | 6 | | amnestytech |
| Url | 3 | | https://www.amnesty.org/en/latest/research/2021/07/forensic-methodology-report-how-to-catch-nso-groups-pegasus |
| Url | 2 | | https://citizenlab.ca/2020/12/the-great-ipwn-journalists-hacked-with-suspected-nso-group-imessage-zero-click-exploit |
| Url | 1 | | https://citizenlab.ca/2021/08/bahrain-hacks-activists-with-nso-group-zero-click-iphone-exploits |
| Url | 1 | | https://citizenlab.ca/2021/10/breaking-news-new-york-times-journalist-ben-hubbard-pegasus |
| Url | 1 | | https://citizenlab.ca/2021/11/palestinian-human-rights-defenders-hacked-nso-groups-pegasus-spyware |
| Url | 2 | | https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html |
| Url | 1 | | https://www.trendmicro.com/en_us/research/21/i/analyzing-pegasus-spywares-zero-click-iphone-exploit-forcedentry.html |
| Url | 3 | | https://github.com/mvt-project/mvt |
| Url | 2 | | https://github.com/amnestytech/investigations/tree/master/2021-07-18_nso |