The Canadian academic research group Citizen Lab published a report saying it had uncovered a zero-day, zero-click exploit affecting Apple devices (iPhones, Macs and Apple Watches), which it linked to Israeli technology firm NSO, which has been blacklisted by the U.S. government since 2021 for alleged abuse.
The exploit, called Forced Entry, was discovered by researchers in March while examining the phone of a Saudi activist who had been hacked with NSO's Pegasus spyware. The Lab believes Forced Entry has been at work since at least February.
"We attribute the exploit to NSO Group's Pegasus spyware with high confidence, based on forensics we have from the target device," said Bill Marczak, senior researcher at Citizen Lab. He said the attacker likely made a mistake during the installation, which is how Citizen Lab found the spyware.
Citizen Lab did not provide further details, but urged consumers to update their devices because users don't even have to click a link for the spyware to start working. They may not even know their devices are infected.
A spokesperson for NSO Group said it did not have any immediate comment on the Citizen Lab research.
"After identifying the vulnerability used by this exploit for iMessage, Apple rapidly developed and deployed a fix in iOS 14.8 to protect our users," said Apple Security Engineering and Architecture head Ivan Krstić.
"We'd like to commend Citizen Lab for successfully completing the very difficult work of obtaining a sample of this exploit so we could develop this fix quickly. Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals. While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data."
NSO Group had also been found to use zero-click attacks earlier this year. In July, Amnesty International found that military-grade spyware from NSO Group was used to hack the iPhones of dozens of journalists, activists and executives.
Pegasus is NSO Group's flagship product: spyware that can stealthily enter a smartphone and gain access to everything on it, including its camera and microphone. It is designed to infiltrate devices running Android, Blackberry, iOS and Symbian operating systems and turn them into surveillance devices.
The company says it sells Pegasus only to governments and only for tracking criminals and terrorists.
According to a cybersecurity expert, the latest version of this spyware does not require the smartphone user to do anything. All that is required for a successful spyware attack and installation is having a particularly vulnerable app or operating system installed on the device. This is known as a zero-click exploit.
Once installed, Pegasus can harvest any data from the device and transmit it back to the attacker.
It can steal call logs, communications, location records, passwords, photos and videos, recordings, social media posts and web searches. It also has the capability to activate cameras and microphones for real-time surveillance without the permission or knowledge of the user.
According to NSO Group, it builds Pegasus solely for governments to use in counterterrorism and law enforcement work. The company markets it as a targeted spying tool to track criminals and terrorists and not for mass surveillance. The company does not disclose its clients.
The earliest reported use of Pegasus was by the Mexican government in 2011 to track notorious drug baron Joaquín "El Chapo" Guzmán. The tool was also reportedly used to track people close to murdered Saudi journalist Jamal Khashoggi.
It is unclear who or what types of people are being targeted and why. However, much of the recent reporting about Pegasus centers around a list of 50,000 phone numbers. The list has been attributed to NSO Group, but its origins are unclear.
A statement from Amnesty International in Israel said that the list contains phone numbers that were marked as "of interest" to NSO's various clients. A media consortium, the Pegasus Project, analyzed the phone numbers on the list and identified over 1,000 people in over 50 countries.
These people include politicians, government workers, journalists, human rights activists, business executives and Arab royal family members.