Israeli surveillance technology company NSO Group used at least three methods to break into iPhones when targeting members of civil society in 2022, according to a report by Citizen Lab, a research group at the University of Toronto.
The methods, known as the Zero-Click Exploit Chain, allowed the company Apple Inc. Allows the phone’s security features to be bypassed and NSO’s “Pegasus” spyware installed, which can collect information from a device and also access its cameras and microphones in real time. Supervision. In a zero-click hack, the user does not need to click on a malicious link for the malware to infect the device.
Citizen Lab said the hacking methods were used against equipment belonging to members of the Miguel Agustin Pro Juarez AC Human Rights Center, better known as the Mexican human rights group Centro Prod. A representative for the group could not immediately be reached for comment.
An Apple representative said that while the threats reported by Citizen Lab only affect a “very small number of our customers”, “we take any attacks on our users very seriously and we’re working to protect more in our products.” Let’s continue.”
A spokeswoman for NSO said the company “adheres to strict regulations and its technology is used by its government customers to fight terror and crime around the world.” The spokesperson also took aim at Citizen Lab, which has produced several reports outlining the misuse of spyware from NSO and others, saying, “Citizen Lab has repeatedly produced reports that use unable to quantify the technology and they refuse to share their underlying data. ,
The Israeli firm has been the subject of intense scrutiny from Citizen Lab, journalists and government officials – due to reports that its technology has been used by government customers to spy on dissidents, journalists, politicians and others. Bloomberg reported in November that last year, NSO cut jobs and raised prices to satisfy creditors who hold the company’s nearly $400 million in debt.
The report also suggests how Apple’s new “lockdown mode” feature might work. Introduced last year, Lockdown Mode limits how the phone functions to enhance security and is intended for users who may be targeted by advanced spyware.
According to the report, for at least a brief period, Lockdown Mode notified users via push notifications that they were being targeted by the NSO group. But it appears the hackers may have figured out a way around this, according to a Citizen Lab report, which said it was unclear whether NSO’s software is still being blocked by the Apple feature.
“We’re pleased to see that Lockdown Mode intercepted this sophisticated attack and alerted users quickly, before the specific threat was discovered by Apple and security researchers,” an Apple representative said.
The report also states that NSO Group was able to evade another Apple security service built into iOS, called BlastDoor. Still, Citizen Lab said it recommends users who are at risk of being targeted with spyware enable Lockdown Mode.
Citizen Lab said it shared its findings with Apple in October 2022, prompting the company to issue a security update in February.
According to the report, the methods that Citizen Lab is calling “PWNYOURHOME” and “FINDMYPWN” use Apple’s built-in services to attack iPhones: HomeKit and Find My iPhone features.
Last month, President Joe Biden signed an executive order barring US government agencies from using the services of spyware companies that pose a threat to national security or human rights. The NSO Group was sanctioned by the Commerce Department in 2021 for “malicious cyber activities”.
This news is auto-generated through an RSS feed. We don’t have any command over it. News source: Multiple Agencies: hindustantimes, techrepublic, computerweekly,