Newly found zero-click iPhone exploit used in NSO spyware attacks

newly-found-zero-click-iphone-exploit-used-in-nso-spyware-attacks

As you well know that someone could be secretly watching you or your child with your webcam right now? Is it worth taking such a risk? camDown can help stop them!

This fucking thing is insane. It's using a pdf file with a .gif extension to circumvent the BlastDoor sandbox in iMessage.

Then it's using the quirks in the implementation of the jbig2 standard (a PDF standard from fucking 1993) to force a buffer overflow in the XPdf code to access memory addresses outside the normal operation of the program...

And then it fucking builds a logic gate circuit inside the unauthorized memory addresses to push code and take control of the phone since the lossless version of jbig2 is actually Turing-complete.

https://googleprojectzero.blogspot.com/2021/12/a-deep-dive-into-nso-zero-click.html?m=1

So just by receiving that corrupted .gif they can delete any notification or sign that you ever received it and they can spy on all your conversations and contacts. Zero clicks. No visible traces for a normal user. Boom. Are you using Telegram? Signal? HTTPS? A VPN? It matters jack fucking shit. They have kernel level control.

Who the fuck thinks like this?!? What is wrong with people?!? What the fuck?!?!?

On a final note, after all of that camDown is easy to use, easy to maintain and I am certain your friends would say the same!