Technology NewsTechnology NewsTechnology News
  • Computing
  • AI
  • Robotics
  • Cybersecurity
  • Electric Vehicle
  • Wearables
  • Gaming
  • Space
Reading: Exposing NSO Group’s MMS Fingerprint Mobile Network Attack
Share
Font ResizerAa
Technology NewsTechnology News
Font ResizerAa
Search
  • Computing
  • AI
  • Robotics
  • Cybersecurity
  • Electric Vehicle
  • Wearables
  • Gaming
  • Space
Follow US
  • Cookie Policy (EU)
  • Contact
  • About
© 2025 NEWSLINKER - Powered by LK SOFTWARE
Cybersecurity

Exposing NSO Group’s MMS Fingerprint Mobile Network Attack

Highlights

  • NSO Group's contract exposes MMS Fingerprint attack.

  • WhatsApp vulnerability led to a lawsuit against NSO.

  • Researchers validate attack's feasibility; suggest defensive measures.

NEWSLINKER
Last updated: 20 February, 2024 - 6:41 am 6:41 am
NEWSLINKER 1 year ago
Share
SHARE

A single sentence in a contractual agreement between the NSO Group and the Ghanaian telecom regulator has brought to light a heretofore undisclosed mobile network attack known as the “MMS Fingerprint.” This attack is believed to have been operational across all major smartphone platforms, including Blackberry, Android, and iOS, suggesting it is an OS-independent threat tied to MMS protocols.

Contents
WhatsApp Vulnerability and Legal Battle with NSO GroupContractual Details Shed Light on the Attack’s Mechanism

WhatsApp Vulnerability and Legal Battle with NSO Group

A major security breach was discovered in WhatsApp in May 2019, allowing attackers to implant Pegasus spyware onto users’ phones. The exploit was activated through a WhatsApp voice call and could take control of a device without alerting the user. Subsequently, WhatsApp initiated legal action against NSO Group in October 2019, allegations and objections that have been continuously upheld in the US courts despite NSO’s attempts to dismiss the case.

Contractual Details Shed Light on the Attack’s Mechanism

While many details about NSO’s operations have been openly discussed, specific information from the NSO reseller contract—including a feature named “MMS Fingerprint”—had not been publicly analyzed. This tool reportedly could reveal device and OS details through a simple MMS, requiring no user interaction. The technique involved an SMS component leading to an HTTP GET request, which could transmit device information, potentially during the MMS retrieval process.

Researchers at ENEA, a Swedish telecom security firm, were able to demonstrate the feasibility of capturing User Agent and x-wap-profile data from devices using this method. These fields provide device identification and a profile of the phone’s capabilities, which attackers could exploit in crafting targeted attacks or phishing campaigns.

The research team managed to cloak the operation, ensuring that the MMS content remained hidden on the target device by using a silent SMS and manipulating message settings. Despite the demonstrated efficacy of the technique, there have been no confirmed instances of its exploitation in the wild.

For protection against potential attacks utilizing this vulnerability, mobile users are advised to disable automatic MMS retrieval, and mobile operators are encouraged to block internet connections through MMS ports.

You can follow us on Youtube, Telegram, Facebook, Linkedin, Twitter ( X ), Mastodon and Bluesky

You Might Also Like

Law Enforcement Shuts Down AVCheck to Block Cybercriminal Tool Access

FBI Arrests DIA Insider for Alleged Classified Info Leak

Senators Demand DHS Restore Cyber Safety Review Board After Hack

Treasury Department Stops Crypto Scam Network With Sanctions

Attackers Target Ivanti EPMM Flaws, Breaching Major Sectors

Share This Article
Facebook Twitter Copy Link Print
By NEWSLINKER
NEWS LINKER is your premier source for the latest in business, finance, science, gaming, and technology. We are dedicated to bringing you the most accurate, timely, and engaging content from across these dynamic industries. Dive deep into the world of cutting-edge developments, breakthroughs, market trends, and game-changing innovations..
Previous Article Nintendo to Stream First Partner Showcase of the Year for Switch Games
Next Article Top DDoS Protection Tools and Services for 2024

Stay Connected

6.2kLike
8kFollow
2.3kSubscribe
1.7kFollow

Latest News

Apple Launches Dedicated Gaming App as WWDC 2025 Approaches
Gaming
Robotics Innovations Drive Industry Forward at Major 2025 Trade Shows
Robotics
Iridium and Syniverse Deliver Direct-to-Device Satellite Connectivity
IoT
Wordle Players Guess “ROUGH” as June Begins With Fresh Puzzle
Gaming
SpaceX and Axiom Launch New Missions as Japan Retires H-2A Rocket
Technology
NEWSLINKER – your premier source for the latest updates in ai, robotics, electric vehicle, gaming, and technology. We are dedicated to bringing you the most accurate, timely, and engaging content from across these dynamic industries. Join us on our journey of discovery and stay informed in this ever-evolving digital age.

ARTIFICAL INTELLIGENCE

  • Can Artificial Intelligence Achieve Consciousness?
  • What is Artificial Intelligence (AI)?
  • How does Artificial Intelligence Work?
  • Will AI Take Over the World?
  • What Is OpenAI?
  • What is Artifical General Intelligence?

ELECTRIC VEHICLE

  • What is Electric Vehicle in Simple Words?
  • How do Electric Cars Work?
  • What is the Advantage and Disadvantage of Electric Cars?
  • Is Electric Car the Future?

RESEARCH

  • Robotics Market Research & Report
  • Everything you need to know about IoT
  • What Is Wearable Technology?
  • What is FANUC Robotics?
  • What is Anthropic AI?
Technology NewsTechnology News
Follow US
About Us   -  Cookie Policy   -   Contact

© 2025 NEWSLINKER. Powered by LK SOFTWARE
Welcome Back!

Sign in to your account

Register Lost your password?