Pegasus spyware found to exploit bug to target iPhones

A digital watchdog has discovered spyware linked to the Israeli hacking company NSO Group, which exploited a software flaw in Apple devices.

The University of Toronto’s Citizen Lab said in a statement that it had found the bug while inspecting the Apple device of a staffer at a Washington-based civil society group.

The vulnerability allowed the NSO Group to inject its Pegasus spyware remotely and surreptitiously onto iPhones and iPads.

“The exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any interaction from the victim,” the statement read, adding that its finding “shows once again civil society is targeted by highly sophisticated exploits and mercenary spyware.”

Bill Marczak, a senior researcher at Citizen Lab, told Reuters, “The indications confirm with high confidence the responsibility of NSO’s Pegasus spyware for the hacking operation, based on the forensic evidence we obtained from the target device.”

On Friday, Apple released an update for iPhones and iPads to patch the security flaw in the devices’ system software.

In recent years, NSO has been embroiled in an international scandal after being accused of providing Pegasus malware to countries with poor human rights records who used it to spy on dissidents, journalists, and activists.

The US government blacklisted the Israeli company in 2021 for its sale of hacking tools to repressive regimes.

Pegasus can let external parties access an infected device, enabling them to view photos, videos, e-mail, and text messages, even if they were sent through applications that offer encrypted communication.

It can also record conversations made on or near a device, tap its cameras, and determine the user’s location.


Source: Citizen Lab, PressTV