Security News > 2021 > July > iPhones running latest iOS hacked to deploy NSO Group spyware
Human rights non-governmental organization Amnesty International and non-profit project Forbidden Stories revealed in a recent report that they found spyware made by Israeli surveillance firm NSO Group deployed on iPhones running Apple's latest iOS release, hacked using zero-day zero-click iMessage exploits.
Citizen Lab was able to independently observe NSO Pegasus spyware deployed on an iPhone 12 Pro Max running iOS 14.6, hacked via a zero-day zero-click iMessage exploit, which does not require interaction from the target.
The researchers also discovered zero-click iMessage attacks that led to Pegasus being installed on an iPhone SE2 phone running iOS version 14.4 and an iPhone SE2 device running iOS 14.0.1.
"The mechanics of the zero-click exploit for iOS 14.x appear to be substantially different than the KISMET exploit for iOS 13.5.1 and iOS 13.7, suggesting that it is in fact a different zero-click iMessage exploit," Citizen Lab added.
Pegasus is a spyware tool developed by NSO Group and marketed as a surveillance tool "Licensed to legitimate government agencies for the sole purpose of investigating crime and terror."
Bill Marczak July 18, 2021 NSO Group spyware used in high-profile attacks.
News URL
Related news
- NSO Group Exploited WhatsApp to Install Pegasus Spyware Even After Meta's Lawsuit (source)
- U.S. Judge Rules Against NSO Group in WhatsApp Pegasus Spyware Case (source)
- New LightSpy Spyware Version Targets iPhones with Increased Surveillance Tactics (source)
- NSO Group used another WhatsApp zero-day after being sued, court docs say (source)
- NSO Group Spies on People on Behalf of Governments (source)