INFORMATION
Spyware Infection: New flaw in Apple devices led to spyware infection, researchers say
Researchers at digital watchdog group Citizen Lab said on Thursday they found spyware they linked to Israeli firm NSO that exploited a newly discovered flaw in Apple devices. While inspecting the Apple device of an employee of a Washington-based civil society group last week, Citizen Lab said it found the flaw had been used to infect the device with NSO’s Pegasus spyware, it said in a statement.
“We attribute the exploit to NSO Group’s Pegasus spyware with high confidence, based on forensics we have from the target device,” said Bill Marczak, senior researcher at Citizen Lab, which is based at the University of Toronto’s Munk School of Global Affairs and Public Policy. He said the attacker likely made a mistake during the installation which is how Citizen Lab found the spyware.
Citizen Lab said Apple confirmed to them that using the high security feature “Lockdown Mode” available on Apple devices blocks this particular attack. “This shows that civil society is once again serving as the early warning system about really sophisticated attacks,” said John Scott-Railton, senior researcher at Citizen Lab.
The flaw allowed compromise of iPhones running the latest version of iOS (16.6) without any interaction from the victim, the digital watchdog said. The new update fixes this vulnerability. Apple issued new updates on its devices after investigating the flaws reported by Citizen Lab.
“We attribute the exploit to NSO Group’s Pegasus spyware with high confidence, based on forensics we have from the target device,” said Bill Marczak, senior researcher at Citizen Lab, which is based at the University of Toronto’s Munk School of Global Affairs and Public Policy. He said the attacker likely made a mistake during the installation which is how Citizen Lab found the spyware.
Citizen Lab said Apple confirmed to them that using the high security feature “Lockdown Mode” available on Apple devices blocks this particular attack. “This shows that civil society is once again serving as the early warning system about really sophisticated attacks,” said John Scott-Railton, senior researcher at Citizen Lab.
The flaw allowed compromise of iPhones running the latest version of iOS (16.6) without any interaction from the victim, the digital watchdog said. The new update fixes this vulnerability. Apple issued new updates on its devices after investigating the flaws reported by Citizen Lab.
