“The flaw allowed compromise of iPhones running the latest version of iOS (16.6) without any interaction from the victim, the digital watchdog said. The new update fixes this vulnerability.”
Researchers at digital watchdog group Citizen Lab have identified spyware linked to Israeli firm NSO that exploits a recently discovered vulnerability in Apple devices, the company said on Thursday.
During an examination of the Apple device owned by an employee of a Washington-based civil society group last week, Citizen Lab confirmed that the flaw had been utilized to infect the device with NSO’s Pegasus spyware, Reuters reported, citing an announcement from the company.
“We attribute the exploit to NSO Group’s Pegasus spyware with high confidence, based on forensics we have from the target device.” said Bill Marczak, senior researcher at Citizen Lab, which is based at the University of Toronto’s Munk School of Global Affairs and Public Policy.
Marczak added that the attacker probably made an error during the installation process, which is how Citizen Lab stumbled upon the spyware. According to Citizen Lab, Apple has confirmed that employing the high-security feature known as “Lockdown Mode,” which is accessible on Apple devices, can thwart this specific attack.
“This shows that civil society is once again serving as the early warning system about really sophisticated attacks,” said John Scott-Railton, senior researcher at Citizen Lab.
However, Citizen Lab refrained from disclosing additional information about the impacted individual or the organization involved.
“The flaw allowed compromise of iPhones running the latest version of iOS (16.6) without any interaction from the victim, the digital watchdog said. The new update fixes this vulnerability,” Reuters wrote.
After investigating the reported flaws by Citizen Lab, Apple said it has released new updates for its devices. When contacted, an Apple spokesperson declined to provide additional comments, but Citizen Lab encouraged users to update their devices.
In a statement, NSO responded saying: “We are unable to respond to any allegations that do not include any supporting research.”
It’s worth noting that the U.S. government blacklisted the Israeli company in 2021 due to alleged misconduct, such as surveilling government officials and journalists.
The NSO Group is a notorious Israel-based NSO Group cybersecurity tech startup known for its Pegasus malware. As we first reported in 2018, The NSO Group spyware is used by private companies and government agencies to spy on their citizens. Its military-grade Pegasus spyware is also licensed to governments around the globe and can infect phones without a click. NSO’s Pegasus software has been used to record conversations and gain access to photos, text messages, and smartphones.
Last year, NSO Group reportedly breached the mobile phone Spanish Prime Minister. Spanish authorities reported they had detected “Pegasus” spyware in the mobile phones of Prime Minister Pedro Sanchez and Defence Minister Margarita Roble.