On September 7, digital watchdog group Citizen Lab unveiled startling findings regarding a new security vulnerability in Apple devices, which they have linked to the Israeli firm NSO. According to their report, this security flaw was exploited by spyware, specifically NSO’s notorious Pegasus spyware, which had infected an Apple device owned by an employee of a Washington-based civil society organization. This revelation underscores the growing concerns about the use of sophisticated spyware for surveillance purposes.
Bill Marczak, a senior researcher at Citizen Lab, expressed confidence in attributing the exploit to NSO Group’s Pegasus spyware based on forensics obtained from the compromised device. Interestingly, it was revealed that the attacker had made a crucial error during the installation process, which led to the discovery of the spyware by Citizen Lab’s investigators.
One significant takeaway from this discovery is the effectiveness of Apple’s “Lockdown Mode,” a high-security feature that can thwart this specific type of attack. The fact that civil society organizations like Citizen Lab are often at the forefront of detecting and reporting such advanced cyber threats highlights their crucial role in the digital landscape.
Although Citizen Lab did not disclose the identity of the affected individual or the organization involved, they did emphasize the seriousness of the flaw, which could compromise iPhones running the latest iOS version (16.6) without any interaction required from the victim. However, Apple acted swiftly to address the issue, releasing updates to fix this vulnerability. An Apple spokesperson refrained from providing further details, while Citizen Lab urged all Apple device users to promptly update their devices to safeguard against potential exploits.
NSO Group, which has faced severe scrutiny and backlash, including being blacklisted by the U.S. government in 2021, responded to the allegations with a statement asserting their inability to respond without supporting research. The Israeli firm has been embroiled in controversy due to allegations of abuse, including the surveillance of government officials and journalists.
This latest revelation once again underscores the ongoing battle between cybersecurity researchers and organizations involved in developing and deploying sophisticated spyware. It serves as a stark reminder of the evolving nature of cyber threats and the critical importance of vigilance and swift action in securing digital devices and networks.