A newly identified vulnerability in Apple (AAPL.O) devices was exploited by malware, according to researchers at digital watchdog organization Citizen Lab on Friday. The software was connected to the Israeli company NSO.
Last week, Citizen Lab claimed to have discovered a hole that had been used to infect the Apple device of a member of a civil society organization located in Washington with NSO’s Pegasus spyware.
“We attribute the exploit to NSO Group’s Pegasus spyware with high confidence, based on forensics we have from the target device,” said Bill Marczak, senior researcher at Citizen Lab, which is housed at the Munk School of Global Affairs and Public Policy at the University of Toronto.
He said that because Citizen Lab discovered the malware, the attacker probably installed the spyware incorrectly.
According to Citizen Lab, Apple has verified that the high-security feature “Lockdown Mode” on Apple devices prevents this assault.
John Scott-Railton, a senior researcher at Citizen Lab, stated that this demonstrated how civil society was once again acting as an early warning system for very complex assaults.
Citizen Lab provided no more information on the organization or the impacted person.
According to the digital watchdog, the bug made it possible to hack iPhones running the most recent version of iOS (16.6) without the victim’s involvement. The most recent patch closes this hole.
After looking into the issues raised by Citizen Lab, Apple released fresh software upgrades for their products. While Citizen Lab recommended users to upgrade their devices, an Apple spokesman claimed the company had no more comment.
The NSO said in a statement, “We are unable to respond to any allegations that do not include any supporting research.”
The American government has placed the Israeli company on a blocklist until 2021 due to abuse allegations, including monitoring journalists and government officials.
