Sunday, November 16, 2025


Wireless Body Area Network has already connected humans to the cloud – Israeli Pegasus

By Alexandra Bruce

This viral video put out by ConciousJooseTwo on TikTok illustrates the horrifying dystopia of the 6G sensor network-AI-CBDC-social credit system already being used against the Chinese people by their government.

By framing it as a “Palantir ad”, one becomes hopeful that Palantir is saying they’d protect us from such an abuse of this technology – but this is definitely not a Palantir advertisement and the unfettered interoperability of AI with databases, spyware and the Internet of Things develops apace.

University of Toronto Professor Emeritus and 2024 Nobel Physics Prize Laureate, Sir Geoffrey Hinton, known as “the Godfather of AI” resigned from Google Brain in 2023, citing concerns about the risks of AI technology, especially if co-opted by malicious entities. He estimated a 10% to 20% risk that AI could contribute to human extinction within the next 30 years.

According to Sabrina Wallace, the process to control humanity with AI is well underway in the West, via the 5G and 6G sensor networks of the Wireless Body Area Network (WBAN), which she claims have already connected each of our biofields as “nodes” or “devices” to the Cloud (i.e., Internet of Things) in the name of “National Security”. When Catherine Austin Fitts says, “They want to connect you to the Cloud,” this is what she’s talking about. It is not Tinfoil Hat. At the 2022 meeting of the World Economic Forum, Nokia CEO, Pekka Lundmark publicly declared that by 2030, the most common interface of Smartphone technology will be “built directly” into the physical body and that by then, cellphones will be virtually obsolete.

This technology is actively being developed and refined by the major telecom companies, Nokia, Ericsson and Bell Labs, with the EU’s Hexa-X Project.

In a July podcast, Sabrina claimed that the technology using these communications networks, to literally “log into” your biofield is called “Q” or “Pegasus”. This cellphone spyware is owned by an Israeli technology group that includes NSO, Q Cyber Technologies and OSY Technologies, where Lt Gen Mike Flynn was an Advisory Board Member for seven months in 2016.

Back in a September 2022 podcast, Tore Maras said that this spyware was datamining the cellphones of everybody on the planet and that it was controlled by the Knights of Malta. However, Tore never said anything about this technology logging into anybody’s biofields.

Roughly 39 minutes into the above podcast, she described Pegasus/Q Cybertechnologies as mostly AI-driven spyware that has datamined all of us, including the Globalists in a “sting operation” for their crimes and that “they had all been caught”.

Tore said:

“And that software was incredible, because it was able to mine all the crimes that they have done and I am so grateful for that…I am so grateful that the Knights actually thought of that; that people were against what the Pope [Benedict] was doing, by lining up with this New World Order and that Ancient Order [Knights of Malta] decided ‘Uh-uh’.”

Tore says Q was created right after General Flynn’s team was in charge of going after Julian Assange and Edward Snowden and she says that we should thank General Flynn for protecting Assange by being in the middle of it, saying, “He had people like Cassandra Fairbanks and other assets that he hired in the media…

“And just so you know, the DIA’s task force ended on the 17th of October of 2017. When did Q post? Right then.

“And you know what? All these losers that you see, telling you about Q? They’re run under McChrystal’s People First company. That’s how they’re paid. I have receipts!”

In short, what Tore was saying here is that Q, as in “QAnon”, refers to this spyware, and she was deriding “Q decoders” as being on the payroll of PeopleFirst, an online influencer talent agency that is a front for a group of Democratic Party AI tech/strategy/lobbying companies.

Today, Tore posted the following report from the cybersecurity firm Lookout about how Pegasus spyware works and I found it very interesting – as should everybody who owns a cellphone – to see how all of this technology works together to implement the Control Grid.

This is a great article for anyone who wants to know how their cellphones are being exploited by Pegasus, which has the ability to grab all of the input and output of your phone, to be used as an audio and video recorder or, as NSO’s co-founder Omri Lavie told the Financial Times, “Your smartphone today is the new walkie-talkie.”

Don’t be intimidated by all of the code in the illustrations, just read this to understand how Pegasus exfiltrates messages, calls, emails, logs, passwords, audio files and more from apps including Gmail, Facetime, Facebook, WhatsApp, Skype, Telegram, Mail.Ru, WeChat and many others.


Technical Analysis of Pegasus Spyware: An Investigation Into Highly Sophisticated Espionage Software

by Max Bazaliy, Michael Flossman, Andrew Blaich, Seth Hardy, Kristy Edwards, Mike Murray, of Lookout

Executive Summary

This report is an in-depth technical look at a targeted espionage attack being actively leveraged against an undetermined number of mobile users around the world. Lookout researchers have done deep analysis on a live iOS sample of the malware, detailed in this report. Citizen Lab’s investigation links the software and infrastructure to that of NSO Group which offers a product called Pegasus solution. Pegasus is professionally developed and highly advanced in its use of zero-day vulnerabilities, code obfuscation, and encryption. It uses sophisticated function hooking to subvert OS- and application-layer security in voice/audio calls and apps including Gmail, Facebook, WhatsApp, Facetime, Viber, WeChat, Telegram, Apple’s built-in messaging and email apps, and others. It steals the victim’s contact list and GPS location, as well as personal, Wi-Fi, and router passwords stored on the device. The iOS version of the attack uses what we refer to as Trident, an exploit of three related zero-day vulnerabilities in iOS, which Apple patched in iOS 9.3.5, available as of the publishing of this report.

According to news reports, NSO Group sells weaponized software that targets mobile phones to governments and has been operating since 2010, according to its LinkedIn page. The Pegasus spyware has existed for a significant amount of time, and is advertised and sold for use on high-value targets for multiple purposes, including high-level espionage on iOS, Android, and Blackberry.

This spyware is extremely sophisticated and modular, in addition to allowing customization. It uses strong encryption to protect itself from detection by traditional security tools and has a vigorous monitoring and self-destruct mechanism. Lookout’s analysis determined that the malware exploits three zero-day vulnerabilities, Trident, in Apple’s iOS:

1. CVE-2016-4657: Memory Corruption in WebKit – A vulnerability in Safari WebKit allows the attacker to compromise the device when the user clicks on a link.

2. CVE-2016-4655: Kernel Information Leak – A kernel base mapping vulnerability that leaks information to the attacker that allows him to calculate the kernel’s location in memory.

3. CVE-2016-4656: Kernel Memory corruption leads to Jailbreak – 32 and 64 bit iOS kernel-level vulnerabilities that allow the attacker to silently jailbreak the device and install surveillance software.

The attack sequence begins with a simple phishing scheme: send a text (or Twitter or other type of) message with a benign-looking URL, user clicks on link, open web browser, load page, exploit a browser or operating system vulnerability, install software to gather information and to ensure that the software stays installed on the device (“persistence”). As soon as the targeted victim clicks the link, the attack occurs silently, with no indication to the user or device administrators that anything has occurred or that any new processes are running.

The Pegasus software is highly configurable: depending on the country of use and feature sets purchased by the user of the spyware, the surveillance capabilities include remotely accessing text messages, iMessages, calls, emails, logs, and more from apps including Gmail, Facebook, Skype, WhatsApp, Viber, Facetime, Calendar, Line, Mail.Ru, WeChat, Surespot, Tango, Telegram, and others.

Based on artifacts in the code, this spyware has been in the wild for more than two years. The exploits have configuration settings that go all the way back to iOS 7, which was released in 2013 and superseded in 2014.

Pegasus takes advantage of how integrated mobile devices are in our lives and the combination of features only available on mobile — always connected (WiFi, 3G/4G), voice communications, camera, email, messaging, GPS, passwords, and contact lists. As a result of its functional modularity, the breadth of communications and user data it monitors, and the tailored methods it instruments into other applications to exfiltrate data from them, to date, Pegasus is the most sophisticated privately-developed attack Lookout has encountered on a mobile endpoint. It hooks into widely used secure messenger applications to copy cleartext data out of them before the user’s app can encrypt and send it. From the perspective of the user and the people they’re communicating with, their communications are secure, while the administrator of the Pegasus instance has secretly intercepted the clear text of their communication. Pegasus carries a high price tag averaging at over $25,000 per target. In at least one instance, NSO Group sold 300 licenses for $8 million USD.

This report presents the technical details of the attack from the beginning of the exploit chain to the end. It includes analysis of the Trident zero-day iOS vulnerabilities that the toolkit was using to jailbreak the phone. We also look in-depth at the components of the espionage software, and have exposed the type of capabilities that an advanced mobile attacker using this software possesses.

Trident (the vulnerabilities disclosed in coordination with this report) were present in the latest versions of iOS, up to iOS 9.3.4, the latest iOS version as of August 2016 when we made these discoveries. Researchers from Lookout and Citizen Lab responsibly disclosed the exploits and their related vulnerabilities to Apple. Given the severity of Trident, Apple worked extremely quickly to patch these vulnerabilities and has released iOS 9.3.5 to address them. With the release of the patched OS, we are publishing the technical details of the attack and exploits.
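The patch boundary stated above (Trident present up to iOS 9.3.4, fixed in iOS 9.3.5, with exploit configuration settings going back to iOS 7) can be turned into a fleet triage check. The following is an added example, not part of the Lookout report or the original post; the CSV column names, device IDs and status labels are assumptions, and the inventory is constructed sample data.

```python
import csv
import io
import re

# Boundaries taken from the report: Trident is fixed in iOS 9.3.5, and the
# exploit configuration settings were observed back to iOS 7.
PATCHED = (9, 3, 5)
OLDEST_CONFIGURED = (7, 0, 0)

# Constructed sample of an MDM inventory export (hypothetical column names).
SAMPLE_INVENTORY = """device_id,os_version
ipad-001,9.3.5
iphone-002,9.3.4
iphone-003,iOS 9.3
iphone-004,10.0.1 (build-example)
iphone-005,6.1.6
iphone-006,unknown
"""

def parse_ios_version(text):
    """Return (major, minor, patch), or None if no version number is present."""
    m = re.search(r"(\d+)(?:\.(\d+))?(?:\.(\d+))?", text)
    if not m:
        return None
    # Missing components count as 0, so "9.3" is treated as 9.3.0.
    return tuple(int(g) if g else 0 for g in m.groups())

def classify(version_text):
    """Compare numerically: as strings, "10.0.1" would sort before "9.3.5"."""
    v = parse_ios_version(version_text)
    if v is None:
        return "unparseable"            # needs manual follow-up
    if v >= PATCHED:
        return "patched"
    if v >= OLDEST_CONFIGURED:
        return "unpatched-in-observed-range"
    # Lacks the 9.3.5 fix; the report does not describe targeting below iOS 7.
    return "unpatched-older"

def triage(csv_text):
    """Map each device_id in the export to its Trident patch status."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return {r["device_id"]: classify(r["os_version"]) for r in rows}

if __name__ == "__main__":
    for device, status in triage(SAMPLE_INVENTORY).items():
        print(f"{device}\t{status}")
```

Devices reported as `unparseable` should be treated as unpatched until their version is confirmed.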

Background

As mobile phones continue to be tightly integrated into our personal and work lives, malicious actors are actively creating sophisticated applications that can run on victims’ devices without either their knowledge of the threat’s presence, or of the actors’ intent. This can be seen in the diversity of threats that target mobile devices: from those that are financially motivated, such as adware, banking trojans, and SMS fraud, to those seeking personal information or corporate intellectual property. Spyware, a malicious application designed to retrieve specific information from an infected device without the victim’s knowledge, falls into the latter camp.

Spyware applications often include the ability to extract a victim’s SMS messages, contact details, record their calls, access their call logs, or remotely activate a device’s microphone and camera to surreptitiously capture audio, video, and image content. In addition to these rich features, some spyware also has the equally important ability to remotely deliver the malicious application to a target device. This is a complex and technically challenging problem, as evidenced by the amount of money private security firms and corporate bug bounty programs pay for zero-day exploits that facilitate this remote delivery.

Two private security firms, Gamma Group and Hacking Team, both made headlines after media outlets revealed that the organizations developed mobile surveillance software that has been sold to oppressive governments. These products are often very expensive and generally only accessible to well-funded attackers given the complexity involved in creating this kind of mobile spyware, and the fact that it includes zero-day exploits.

The Israeli based NSO Group has managed to avoid the spotlight of the cyber security community despite being in operation for over five years. Founded in 2010 by Niv Carmi, Shalev Hulio, and Omri Lavie, NSO Group has publicly stated that it develops and sells mobile phone surveillance software to governments around the world. It has claimed that its surveillance capability is undetectable with one of the founders stating, “We’re a complete ghost.” Private equity firm Francisco Partners acquired NSO Group in 2014 for $110 million. The founders of NSO Group play in both the cyber offense and defense spaces, having also founded the mobile security company Kaymera.

Disclosure Timeline

Citizen Lab reported the existence of the malware to Lookout on August 12, 2016. Lookout and Citizen Lab worked together to analyze the software and attempt to determine the severity of the vulnerabilities and the capabilities of the malware until August 15, 2016 when we reported the information to Apple.

The three organizations worked together from August 15, 2016 to the release of the vulnerability patches in iOS 9.3.5 on August 25, 2016.

Attack Overview

The attack is very simple in its delivery and silent in delivering its payload. The attack starts when the attacker sends a website URL (through SMS, email, social media, or any other message) to an identified target. The user only has to take one action–click on the link. Once the user clicks the link, the software silently carries out a series of exploits against the victim’s device to remotely jailbreak it so that the espionage software packages can be installed. The user’s only indication that anything happened will be that the browser closes after the link is clicked.

The espionage software contains malicious code, processes, and apps that are used to spy, collect data, and report back what the user does on the device. This spyware can access and exfiltrate messages, calls, emails, logs, and more from apps including, but not limited to: Gmail, Facetime, Facebook, Line, Mail.Ru, Calendar, WeChat, Surespot, Tango, WhatsApp, Viber, Skype, Telegram, KakaoTalk.
