A new zero-click vulnerability in the iPhone has been discovered, also used with NSO's spyware 'Pegasus'



Citizen Lab, a security research institute based at the University of Toronto, Canada, announced on April 18, 2022 that a new zero-click exploit was found on iOS.

CatalanGate: Extensive Mercenary Spyware Operation against Catalans Using Pegasus and Candiru --The Citizen Lab
https://citizenlab.ca/2022/04/catalangate-extensive-mercenary-spyware-operation-against-catalans-using-pegasus-candiru/

Newly found zero-click iPhone exploit used in NSO spyware attacks
https://www.bleepingcomputer.com/news/security/newly-found-zero-click-iphone-exploit-used-in-nso-spyware-attacks/

What Citizen Lab announced this time is an iMessage exploit used by the Israeli company NSO Group, known for its spyware 'Pegasus'.

Named 'HOMAGE', this zero-click exploit was used primarily against politicians and journalists in Catalonia, an autonomous community of Spain, in combination with the iMessage vulnerability called 'Kismet' and a vulnerability in WhatsApp.



Citizen Lab estimates that 65 Catalan activists were attacked by 'HOMAGE' between 2017 and 2020, including every Catalan prime minister who has taken office from 2010 onward. Specifically, these are Artur Mas, who served as prime minister from 2010 to 2016 and was infected with Pegasus after leaving office; Carles Puigdemont, who was in office from 2016 to 2017; Quim Torra, who was in office from 2018 to 2020; and Pere Aragonès, the current prime minister since 2021.

The source of the attacks using this exploit is unknown, but Citizen Lab pointed out that Pegasus is sold only to governments and said, 'Circumstantial evidence, such as the nature of the victims and targets, the timing of the attacks, and reports that the Spanish government is one of NSO Group's clients, suggests a strong connection with the Spanish government.' It thus strongly suspects the involvement of the Spanish central government, which is in conflict over the independence of Catalonia.

According to Citizen Lab, no cases have been seen of this exploit being used against Catalan targets on devices running iOS versions newer than 13.1.3, so it is likely that the exploit was fixed in iOS 13.2.

Citizen Lab has already provided Apple with detailed information about the exploit, and there is no evidence that iPhone users running the latest version of iOS at the time of writing were exposed to the 'HOMAGE' attack.

in Software,   Security, Posted by log1l_ks