Security News > 2021 > August > Pegasus Spyware Uses iPhone Zero-Click iMessage Zero-Day

A never-before-seen, zero-click iMessaging exploit has been allegedly used to illegally spy on Bahraini activists with NSO Group's Pegasus spyware, according to cybersecurity watchdog Citizen Lab.

The digital researchers are calling the new iMessaging exploit FORCEDENTRY. In a report published on Tuesday, researchers said that they've identified nine Bahraini activists whose iPhones were inflicted with Pegasus spyware between June 2020 and February 2021.

At least four of the targets were attacked by LULU: a Pegasus operator that Citizen Lab attributes with "High confidence" to the Bahraini government, which has a history of using commercially available spyware.

Citizen Lab first observed NSO Group deploying the new zero-click FORCEDENTRY iMessage exploit - which circumvents Apple's BlastDoor feature - in February 2021.

Still, the attack chains of both Pegasus and Chrysaor are the same: "The attacker sends the targeted individual a socially engineered message across any platform with messaging capabilities and silently delivers the vicious surveillanceware to the device," he described.

Lookout's Schless pointed out that ever since Lookout and Citizen Lab first discovered Pegasus back in 2016, NSO has maintained the stance that its spyware is only sold to a handful of intelligence communities within countries that have been thoroughly vetted for human rights violations.

News URL

https://threatpost.com/pegasus-spyware-uses-iphone-zero-click-imessage-zero-day/168899/