Connect with us

Hi, what are you looking for?

Hard News Hard Hitting News Source Global Political News

Cyber Security

Newly found zero-click iPhone exploit used in NSO spyware attacks

Digital threat researchers at Citizen Lab have discovered a new zero-click iMessage exploit used to install NSO Group spyware on iPhones belonging to Catalan politicians, journalists, and activists.

The previously unknown iOS zero-click security flaw dubbed HOMAGE affects some versions before iOS 13.2 (the latest stable iOS version is 15.4).

It was used in a campaign targeting at least 65 people with NSO’s Pegasus spyware between 2017 and 2020, together with the Kismet iMessage exploit and a WhatsApp flaw.

Among the victims of these attacks, Citizen Lab mentioned Catalan Members of the European Parliament (MEPs), every Catalan president since 2010, as well as Catalan legislators, jurists, journalists, and members of civil society organizations and their families.

“Among Catalan targets, we did not see any instances of the HOMAGE exploit used against a device running a version of iOS greater than 13.1.3. It is possible that the exploit was fixed in iOS 13.2,” Citizen Lab said.

“We are not aware of any zero-day, zero-click exploits deployed against Catalan targets following iOS 13.1.3 and before iOS 13.5.1.”

The academic research lab has reported and provided Apple with the forensic artifacts needed to investigate the exploit and says there is no evidence that Apple customers using the latest versions of iOS are exposed to HOMAGE attacks.

“At this time the Citizen Lab is not conclusively attributing these hacking operations to a particular government, however a range of circumstantial evidence points to a strong nexus with one or more entities within Spanish government,” Citizen Lab added.

JSR Homage iOS zero-click zero-day exploit

EU Commission, UK govt, Finnish diplomats, US State Dept also targeted

As Reuters reported, NSO spyware was also used in attacks targeting senior European Commission officials last year, including the European Justice Commissioner.

According to Citizen Lab Director Ron Deibert, multiple suspected infections with Pegasus spyware within official UK networks were also reported by Citizen Lab to the government of the United Kingdom.

A suspected infection on a device belonging to an official at the Prime Minister’s Office was associated with Pegasus operators linked to the UAE, while attacks relating to UK’s Foreign and Commonwealth Office linked to the UAE, India, Cyprus, and Jordan.

Finland’s Ministry for Foreign Affairs said in January that devices of Finnish diplomats had been infected with NSO Group’s Pegasus spyware after US Department of State employees also found that their iPhones had been hacked to install the same spyware.

The European Parliament is setting up a committee of inquiry (which will hold its first meeting on April 19) to investigate breaches of EU law stemming from the use of NSO Pegasus and equivalent spyware.

Pegasus, a spyware tool developed by Israeli surveillance firm NSO Group, is marketed as surveillance software licensed to governments worldwide for “investigating crime and terror.”

“The spyware covertly penetrates mobile phones (and other devices) and is capable of reading texts, listening to calls, collecting passwords, tracking locations, accessing the target device’s microphone and camera, and harvesting information from apps,” Citizen Labs explains.

“Encrypted calls and chats can also be monitored. The technology can even maintain access to victims’ cloud accounts after the infection has ended.”

Advertisement. Scroll to continue reading.

Source: https://www.bleepingcomputer.com/news/security/newly-found-zero-click-iphone-exploit-used-in-nso-spyware-attacks/

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Cyber Security

On June 21, 2023, hackers broke into LetMeSpy’s servers and stole private data. Following the hack, the attackers were able to obtain unauthorized access...

Cyber Security

Proof-of-concept exploit code will be released later this week for a critical vulnerability allowing remote code execution (RCE) without authentication in several VMware products....

Cyber Security

Bug bounty platform HackerOne has launched a scheme to encourage customers to adopt a standard policy geared towards protecting hackers from potential legal problems. The Gold Standard...

Cyber Security

Last month two Italian security researchers revealed they had netted more than $46,000 in bug bounties after discovering a misconfiguration vulnerability in Akamai – despite receiving nothing from...

Copyright © 2023 Hard News Herd Hitting in Your Face News Source | World News | Breaking News | US News | Political News Website by Top Search SEO