NSO Group Is Back in Business With 3 New iOS Zero-Click ExploitsNSO Group Is Back in Business With 3 New iOS Zero-Click Exploits
An investigation concludes that NSO Group was hired in 2022 to deploy Pegasus spyware against human rights workers in Mexico and other targets.
April 18, 2023
Israeli spyware firm NSO Group is back with at least three new iOS 15 and iOS 16 zero-click exploit chains, which were used against human rights activists in Mexico and elsewhere across the world in 2022.
The Citizen Lab, an interdisciplinary research organization in Toronto focused on communications technologies, human rights, and global security, recently released the results of its investigation into NSO Group's recent activities.
The Citizen Lab team reported finding evidence that NSO Group was hired to use the exploit chains (known as PWNYOURHOME, FINDMYPWN, and LATENTIMAGE) to deploy Pegasus spyware against human rights groups in Mexico, including Centro PRODH, which represents families accusing the country's military of abuses.
"Our ensuing investigation led us to conclude that, in 2022, NSO Group customers widely deployed at least three iOS 15 and iOS 16 zero-click exploit chains against civil society targets around the world," Citizen Lab's report said.
Apple has since issued a HomeKit security update in iOS.16.3.1, the The Citizen Lab added.
Citizen Lab recommends high-risk users use the iOS 16 feature known as "Lockdown Mode." With Lockdown Mode engaged, targets of PWNYOURHOME exploit chain were provided with real-time alerts.
"Although NSO Group may have later devised a workaround for this real-time warning, we have not seen PWNYOURHOME successfully used against any devices on which Lockdown Mode is enabled," Citizen Lab said.
The revelations come on the heels of Citizen Lab and Microsoft outing another Israel-based spyware organization, dubbed QuaDream, which was offering cyber espionage tools and services to international governments to monitor and spy on private individuals. Shortly after the expose, QuaDream said it was closing up shop.
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023