An iPhone belonging to a staffer at a Washington-based civil society organization was hacked remotely with spyware created by Israel’s NSO Group, according to research group Citizen Lab.
(Bloomberg) — An iPhone belonging to a staffer at a Washington-based civil society organization was hacked remotely with spyware created by Israel’s NSO Group, according to research group Citizen Lab.
The hack was discovered last week and reported to Apple Inc., which moved quickly to investigate and patch the breach, according to John Scott-Railton, a senior researcher with Citizen Lab at the University of Toronto’s Munk School.
“The gravity of the attack, which is a zero click, combined with the fact that it was being actively used in the wild against civil society makes it clear that this is the kind of thing that needs to be taken really seriously and prioritized, and we’re glad that Apple did that,” he said in an interview.
NSO Group has been sanctioned by the US since 2021 due to its Pegasus hacking tool, which has been used by some governments to target journalists and dissidents beyond their borders. It is a so-called zero-click hack, in which the user doesn’t need to click on a link in order for malware to install software that can turn phones into real-time surveillance devices.
Citizen Lab called the exploit chain BLASTPASS in a blog post on Thursday, and said it was capable of compromising iPhones running the latest version of Apple’s operating system without any interaction from the victim.
Read More: Rise of ‘Zero-Click’ Hacks Means Spying Is Harder to Stop
“We are unable to respond to any allegations that do not include any supporting research,” a spokesperson for NSO Group said.
Apple did not respond to a request for comment. The iPhone maker thanked Citizen Lab for its assistance when it released the patch on Thursday.
Citizen Lab did not identify the targeted individual or organization. Earlier this year, the research group found that NSO Group had used at least three zero-click methods to hack civil society groups, and the company’s tools have been linked to spying on prominent figures in Armenia, including a United Nations official.
In reporting the latest breach, Citizen Lab recommended “everyone who may face increased risk because of who they are or what they do to enable Lockdown Mode” on their devices. Lockdown Mode severely restricts apps and features on a person’s phone, for example blocking most message attachments.
The report comes as NSO Group has faced increased scrutiny around the world. On Thursday, Poland’s Senate published the results of an investigation into the use of Pegasus during the 2019 parliamentary elections that found violations of constitutional standards and said the vote was not fair due to the use of the spyware.
In August, the Israeli government announced that it had set up a commission to investigate whether police misused spyware, including applications made by NSO Group, in criminal investigations.
More stories like this are available on bloomberg.com
©2023 Bloomberg L.P.