Researchers at the digital watchdog group Citizen Lab reported finding spyware on Thursday that they linked to the Israeli company NSO and that took use of a recently identified vulnerability in Apple devices.
Inspecting an employee’s Apple device belonging to a civil society organization based in Washington last week, Citizen Lab claimed it discovered the vulnerability had been exploited to infect the device with NSO’s Pegasus spyware.
“We attribute the exploit to NSO Group’s Pegasus spyware with high confidence, based on forensics we have from the target device,” said Bill Marczak, senior researcher at Citizen Lab, which is housed at the Munk School of Global Affairs and Public Policy at the University of Toronto.
He claimed that since Citizen Lab discovered the malware, the spyware was probably installed incorrectly by the attacker.
According to Citizen Lab, Apple has confirmed that the high security feature “Lockdown Mode” available on Apple devices prevents this specific assault.
John Scott-Railton, a senior researcher at Citizen Lab, stated that this demonstrated how civil society was once again acting as an early warning system for very complex attacks.
Citizen Lab did not offer any additional information on the organization or the affected person.
According to the digital watchdog, the bug made it possible to hack iPhones running the most recent version of iOS (16.6) without the victim’s involvement. The most recent patch closes this hole.
After looking into the issues raised by Citizen Lab, Apple updated its products. A representative for Apple declined to speak further, and Citizen Lab recommended users to upgrade their gadgets.
NSO issued a statement in which it stated, “We are unable to respond to any allegations that do not include any supporting research.”
The Israeli company has been on the U.S. government’s blacklist since 2021 due to suspected violations, including the surveillance of journalists and government officials.