A new flaw in Apple devices led to spyware infection, researchers say. On Friday, researchers at digital watchdog organization Citizen Lab reported finding malware that they attributed to Israeli company NSO and that used a recently revealed vulnerability in Apple (AAPL.O) devices.
Inspecting an employee’s Apple iPhone belonging to a civil society organization in Washington last week, Citizen Lab said it discovered the vulnerability had been exploited to infect the device with NSO’s Pegasus spyware.
“We attribute the exploit to NSO Group’s Pegasus spyware with high confidence, based on forensics we have from the target device,” said Bill Marczak, senior researcher at Citizen Lab, which is housed at the Munk School of Global Affairs and Public Policy at the University of Toronto.
He said that because Citizen Lab discovered the malware, the attacker most likely made a mistake during the installation.
According to Citizen Lab, Apple verified that activating the “Lockdown Mode” high-security option on Apple devices prevents this assault.
According to John Scott-Railton, a senior researcher at Citizen Lab, “This demonstrates that civil society is once again acting as the early warning system about really sophisticated attacks.” TCitizen Lab did not further identify the organization or the impacted person
According to the digital watchdog, the bug enabled iPhones running the most recent version of iOS (16.6) to be compromised without any involvement from the victim. This vulnerability is fixed with the latest upgrade.
After looking into the issues raised by Citizen Lab, Apple updated its products. A representative at Apple declined to speak more, and Citizen Lab recommended users upgrade their gadgets. NSO issued a statement saying, “We are unable to respond to any allegations that do not include any supporting research.”
The Israeli company has been on the U.S. government’s blocklist since 2021 due to suspected violations, including monitoring journalists and government officials.
