Researchers at digital watchdog group Citizen Lab said they found spyware linked to Israeli firm NSO that took advantage of a newly discovered flaw. Apple equipment.
While inspecting the Apple device of an employee of the Washington-based civil society group last week, Citizen Lab said it found the flaw that was used to infect the device with NSO’s Pegasus spyware, it said in a statement.
“We attribute this exploit to NSO Group’s Pegasus spyware with high confidence, based on forensics obtained from the target device,” said Bill Marczak, senior researcher at the Citizen Lab, based at the Munk School of Global Affairs and Public Relations at the University of Toronto. ” Policy.
He said the attacker may have probably made a mistake during installation, which led to Citizen Lab getting the spyware.
Citizen Lab said Apple has confirmed to them that using “Lockdown Mode,” a high-security feature available on Apple devices, prevents this particular attack.
“This shows that civil society is once again really acting as an early warning system about sophisticated attacks,” said John Scott-Railton, senior researcher at Citizen Lab.
Citizen Lab did not provide further details about the affected individuals or organizations.
The digital watchdog said the flaw made it possible to compromise an iPhone running the latest version of iOS (16.6) without any interaction from the victim. The new update fixes this vulnerability.
Apple released new updates to its devices after investigating the flaws reported by Citizen Lab.
An Apple spokesperson said it had no further comment, while Citizen Lab urged consumers to update their devices.
“We are unable to respond to any allegations that do not include any supporting research,” NSO said in a statement.
The Israeli firm has been blacklisted by the US government since 2021 for alleged abuses, including surveillance of government officials and journalists.