 |
| Pegasus attack evades iPhone security protection |
Human rights activists were hacked with Pegasus spyware from the Israeli company NSO Group.
Citizen Lab researchers said the activist's iPhone was attacked by powerful spyware earlier this year that was sold to nation states that defeated Apple's new security measures.
Citizens Lab, an internet watchdog from the University of Toronto, analyzed the activist's iPhone 12 Pro and found evidence that it had been hacked since February, allowing the victim's device to be infected without user intervention.
The attack exploited a previously unknown vulnerability in Apple iMessage, which was used to develop Pegasus spyware.
The hack is significant because Citizen Lab researchers said they found evidence that at the time the attack successfully used the latest iPhone software, including iOS 14.4 and iOS 14.6 that Apple released in May and has been published.
The hacker also bypassed a new software security feature called BlastDoor, built into all versions of iOS 14, designed to prevent hacking of these devices by filtering malicious data sent via iMessage.
Given the ability to bypass BlastDoor, researchers are calling this latest vulnerability ForcedEntry.
"The company clearly condemns cyber attacks against journalists, human rights activists and others working to make the world a better place," said Apple's director of engineering and security engineering. An attack like the one he described is very complex. Development costs can run into millions of dollars. Its shelf life is generally very short. It is used to address specific people.
"These attacks will not pose a threat to the vast majority of our users," he added. We will continue to work hard to keep all of our customers safe. We keep adding new protections to your devices and data.
Pegasus attack evades iPhone security protection
The NSO Group said Citizen Lab results have yet to come out. He added that he was investigating whether he had received reliable information about the abuse of the system.
The NSO Group recently claimed that it had banned five government officials from visiting Pegasus due to human rights abuses.
For many years, the National Statistics Office was accused of helping the government monitor political opponents, journalists, and human rights defenders.
Earlier this year, with the launch of Project Pegasus, such claims gained legitimacy, which was the main media exposure of the business activities of Israeli spyware companies.
The project exposed a leaked list of nearly 50,000 phone numbers. The researchers say this is a potential Pegasus monitoring target.
In addition, it has been confirmed that the list includes international celebrities. Including former presidents and prime ministers.
The NSO Group continues to defend its allegations of wrongdoing, claiming that its products are used in the fight against terrorism.
The company said it sells its products to military and intelligence agencies. She laughed at the results of the Pegasus plan and said that it was unfounded.