From Pegasus to Predator: The Evolution of Commercial Spyware on iOS
2024-12-30
This talk traces the evolution of iOS spyware from the initial discovery of Pegasus in 2016 to the latest cases in 2024. It begins by analyzing how exploits, infection vectors, and methods of commercial spyware on iOS have changed over time. The presentation then explores advancements in detection methods and forensic resources available to uncover commercial spyware, including a case study on the discovery and analysis of BlastPass, a recent NSO exploit. Finally, it discusses technical challenges and limitations of detection methods and data sources, concluding with open research topics and suggestions for improving the detection of commercial spyware.