From cbd7249740a24cbd816a01241f746232d40f4ebc Mon Sep 17 00:00:00 2001
From: Raja Grewal <rg_public@proton.me>
Date: Mon, 25 Sep 2023 13:44:02 +0000
Subject: [PATCH] Add reference

Signed-off-by: Raja Grewal <rg_public@proton.me>
---
 .../Mobile Verification Toolkit for Android and iOS.md          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/content/posts/knowledge/Mobile Verification Toolkit for Android and iOS.md b/content/posts/knowledge/Mobile Verification Toolkit for Android and iOS.md
index aee2f47..3a1311f 100644
--- a/content/posts/knowledge/Mobile Verification Toolkit for Android and iOS.md	
+++ b/content/posts/knowledge/Mobile Verification Toolkit for Android and iOS.md	
@@ -9,7 +9,7 @@ One of the key principle components involved in maintaining both strong privacy
 
 Building on this, both independent and mainstream media are constantly awash with stories regarding the frequent discoveries of sophisticated malware installed on users phones that have the ability totally compromise a device by giving external parties effectively root access. The most well-known of these variants of spyware target hitherto unknown zero-day exploits as thoroughly discussed by [Amnesty International Security Lab](https://www.amnesty.org/en/tech/) and [The Citizen Lab](https://citizenlab.ca/).
 
-For example, there is very little any end-user can do to detect intrusions by the infamous Pegasus spyware made by the NSO Group, see [[1](https://citizenlab.ca/2016/08/million-dollar-dissident-iphone-zero-day-nso-group-uae/), [2](https://citizenlab.ca/2020/12/the-great-ipwn-journalists-hacked-with-suspected-nso-group-imessage-zero-click-exploit/), [3](https://www.amnesty.org/en/latest/research/2021/07/forensic-methodology-report-how-to-catch-nso-groups-pegasus/), [4](https://forbiddenstories.org/case/the-pegasus-project/), [5](https://citizenlab.ca/2021/09/forcedentry-nso-group-imessage-zero-click-exploit-captured-in-the-wild/) [6](https://citizenlab.ca/2022/01/project-torogoz-extensive-hacking-media-civil-society-el-salvador-pegasus-spyware/), [7](https://citizenlab.ca/2022/02/bahraini-activists-hacked-with-pegasus/), [8](https://citizenlab.ca/2022/04/peace-through-pegasus-jordanian-human-rights-defenders-and-journalists-hacked-with-pegasus-spyware/), [9](https://citizenlab.ca/2022/04/uk-government-officials-targeted-pegasus/), [10](https://citizenlab.ca/2022/07/geckospy-pegasus-spyware-used-against-thailands-pro-democracy-movement/), [11](https://citizenlab.ca/2022/10/new-pegasus-spyware-abuses-identified-in-mexico/), [12](https://citizenlab.ca/2023/04/nso-groups-pegasus-spyware-returns-in-2022/), [13](https://citizenlab.ca/2023/05/cr1-armenia-pegasus/)]. A similar situation is exists with the Predator spyware created by Intellexa (formerly known as Cytrox), see [[14](https://citizenlab.ca/2021/12/pegasus-vs-predator-dissidents-doubly-infected-iphone-reveals-cytrox-mercenary-spyware), [15](https://blog.talosintelligence.com/mercenary-intellexa-predator/), [16](https://citizenlab.ca/2023/09/predator-in-the-wires-ahmed-eltantawy-targeted-with-predator-spyware-after-announcing-presidential-ambitions/)]. Other high-profile recent examples of mercenary spyware vendors include [Candiru](https://citizenlab.ca/2021/07/hooking-candiru-another-mercenary-spyware-vendor-comes-into-focus/), an [undisclosed company](https://www.amnesty.org/en/latest/news/2023/03/new-android-hacking-campaign-linked-to-mercenary-spyware-company/), [QuaDream](https://citizenlab.ca/2023/04/spyware-vendor-quadream-exploits-victims-customers/), a [mysterious source](https://securelist.com/trng-2023/), and [APT41](https://www.lookout.com/threat-intelligence/article/wyrmspy-dragonegg-surveillanceware-apt41).
+For example, there is very little any end-user can do to detect intrusions by the infamous Pegasus spyware made by the NSO Group, see [[1](https://citizenlab.ca/2016/08/million-dollar-dissident-iphone-zero-day-nso-group-uae/), [2](https://citizenlab.ca/2020/12/the-great-ipwn-journalists-hacked-with-suspected-nso-group-imessage-zero-click-exploit/), [3](https://www.amnesty.org/en/latest/research/2021/07/forensic-methodology-report-how-to-catch-nso-groups-pegasus/), [4](https://forbiddenstories.org/case/the-pegasus-project/), [5](https://citizenlab.ca/2021/09/forcedentry-nso-group-imessage-zero-click-exploit-captured-in-the-wild/) [6](https://citizenlab.ca/2022/01/project-torogoz-extensive-hacking-media-civil-society-el-salvador-pegasus-spyware/), [7](https://citizenlab.ca/2022/02/bahraini-activists-hacked-with-pegasus/), [8](https://citizenlab.ca/2022/04/peace-through-pegasus-jordanian-human-rights-defenders-and-journalists-hacked-with-pegasus-spyware/), [9](https://citizenlab.ca/2022/04/uk-government-officials-targeted-pegasus/), [10](https://citizenlab.ca/2022/07/geckospy-pegasus-spyware-used-against-thailands-pro-democracy-movement/), [11](https://citizenlab.ca/2022/10/new-pegasus-spyware-abuses-identified-in-mexico/), [12](https://citizenlab.ca/2023/04/nso-groups-pegasus-spyware-returns-in-2022/), [13](https://citizenlab.ca/2023/05/cr1-armenia-pegasus/), [14](https://citizenlab.ca/2023/09/blastpass-nso-group-iphone-zero-click-zero-day-exploit-captured-in-the-wild/)]. A similar situation is exists with the Predator spyware created by Intellexa (formerly known as Cytrox), see [[15](https://citizenlab.ca/2021/12/pegasus-vs-predator-dissidents-doubly-infected-iphone-reveals-cytrox-mercenary-spyware), [16](https://blog.talosintelligence.com/mercenary-intellexa-predator/), [17](https://citizenlab.ca/2023/09/predator-in-the-wires-ahmed-eltantawy-targeted-with-predator-spyware-after-announcing-presidential-ambitions/)]. Other high-profile recent examples of mercenary spyware vendors include [Candiru](https://citizenlab.ca/2021/07/hooking-candiru-another-mercenary-spyware-vendor-comes-into-focus/), an [undisclosed company](https://www.amnesty.org/en/latest/news/2023/03/new-android-hacking-campaign-linked-to-mercenary-spyware-company/), [QuaDream](https://citizenlab.ca/2023/04/spyware-vendor-quadream-exploits-victims-customers/), a [mysterious source](https://securelist.com/trng-2023/), and [APT41](https://www.lookout.com/threat-intelligence/article/wyrmspy-dragonegg-surveillanceware-apt41).
 
 It should also be recognised and stressed that being targeted by complex mercenary spyware is an expensive undertaking and so the overwhelming majority individuals are very unlikely to be affected. The confirmed targets involve politicians, activists, developers of AI-based guidance systems, lawyers, journalists, and whistleblowers. See The Citizen Lab's [publication list](https://citizenlab.ca/publications/) for more references.