By On September 7, 2023, Citizen Lab, a prominent digital watchdog group, made a concerning revelation regarding a newly discovered security flaw in Apple devices. According to their findings, this vulnerability had been exploited to deliver spyware associated with the Israeli cybersecurity firm NSO Group. The incident occurred when Citizen Lab was examining the Apple device of an employee affiliated with a Washington-based civil society organization. Upon close examination, Citizen Lab uncovered that the security flaw had been weaponized to compromise the device, installing NSO’s notorious Pegasus spyware.
Bill Marczak, a senior researcher at Citizen Lab, expressed confidence in their attribution of the exploit to NSO Group’s Pegasus spyware, based on forensics obtained from the targeted device. Interestingly, the attackers appear to have made an error during the installation process, which ultimately led to the discovery of the spyware by Citizen Lab’s experts.
In a reassuring development, Citizen Lab reported that Apple had confirmed the effectiveness of its high-security feature called “Lockdown Mode” in thwarting this specific attack. This underscores the importance of security features in safeguarding against sophisticated threats.
John Scott-Railton, another senior researcher at Citizen Lab, commended civil society for once again serving as an early warning system against highly advanced cyberattacks. The organization, however, refrained from disclosing further details about the affected individual or the specific civil society group involved.
The gravity of the situation lies in the fact that the identified flaw could compromise iPhones running the latest iOS version (16.6) without requiring any interaction from the device owner. Fortunately, Apple was quick to respond by releasing updates to rectify this vulnerability. An Apple spokesperson, when approached for comment, chose not to provide additional information, while Citizen Lab strongly encouraged users to promptly update their Apple devices to safeguard against potential threats.
In response to these allegations, NSO Group issued a statement indicating their inability to respond without accompanying research to support the claims. It’s worth noting that NSO Group had been under scrutiny and blacklisted by the U.S. government since 2021 for alleged abuses, including the surveillance of government officials and journalists.
This latest revelation once again underscores the ever-evolving landscape of cybersecurity threats, where malicious actors continuously seek out vulnerabilities in popular devices and software. The proactive efforts of organizations like Citizen Lab in detecting and exposing such threats serve as a critical defense against cyberattacks and emphasize the importance of staying vigilant and keeping software and devices up to date in an increasingly digital world.
