Amnesty International, in collaboration with the non-profit project Forbbiden Stories, announced the publication of a report on the discovery of spyware developed by the Israeli firm NSO Group. Apparently, this tool is capable of intercepting information on iPhone devices with the latest version of iOS using zero-day iMessage exploits.
The report mentions that this spyware was detected on an activist’s iPhone X with iOS v14.6 on June 24. The device would have been infected by a zero-click attack on a completely updated system.
Representatives of the nongovernment organization (NGO) also reported their finding to Apple: “These attacks are highly sophisticated, require an investment of millions of dollars, and are used to target specific individuals,” said Ivan Krstić, director of security engineering at Apple. Krstić adds that while this is not a latent threat to most iPhone users, they will work to try to prevent these attacks from affecting people of interest in authoritarian governments or facing criminal threats.
It is worth mentioning that Amnesty International is not the only organization to have pointed out the use of spy technology by the NSO Group. Security firm Citizen Lab recently released a report on the use of Pegasus, a powerful spyware developed by the Israeli firm, confirming that it is possible to infect any iPhone 12 Pro Max devices with iOS 14.6.
Bill Marczak of Citizen Lab mentions that these attacks can even be performed without user interaction, in a method never seen before: “The zero-click exploit mechanics for iOS 14.x appear to be substantially different from the KISMET exploit for iOS 13.5.1 and iOS 13.7, suggesting that it is in fact a completely new iMessage exploit.”
Years go by and the list of reports related to NSO Group and Pegasus continues to grow. A couple of years ago, Facebook tried to take legal action against the Israeli company for creating and selling a zero-day exploit for WhatsApp, used to extract information from government officials, journalists, political activists, dissidents and businessmen around the world.
In collaboration with Microsoft, Citizen Lab also revealed detection between another Israeli surveillance company known as Candiru and new Windows spyware called DevilsTongue, implemented through the abuse of a zero-day flaw in Windows systems.
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.
