Three 'zero-click attacks' that infect users' iPhones with Pegasus spyware have been confirmed, and the government or the military may be involved behind the scenes



The Citizen Lab at the University of Toronto reports that Israeli digital surveillance company NSO Group deployed at least three new zero-click attacks against Apple devices in 2022, targeting human rights activists and others. These attacks allow NSO to infiltrate a victim's device without the victim tapping a malicious link or taking any action. The findings show that NSO continues to develop ways to hack iPhones, but it was also found that a victim's iPhone succeeded in avoiding some attacks thanks to the 'Lockdown Mode' introduced in iOS 16.

Triple Threat: NSO Group's Pegasus Spyware Returns in 2022 with a Trio of iOS 15 and iOS 16 Zero-Click Exploit Chains - The Citizen Lab
https://citizenlab.ca/2023/04/nso-groups-pegasus-spyware-returns-in-2022/



NSO Group Targeted Apple's FindMy and Homekit Features With New Zero-Click Exploits
https://www.gizmodo.com.au/2023/04/nso-group-targeted-apples-findmy-and-homekit-features-with-new-zero-click-exploits/



You can understand what kind of spyware Pegasus is by reading the following article.

What is spyware 'Pegasus' that monitors celebrities and politicians around the world via iPhone and Android? - GIGAZINE



The existence of Pegasus became widely known around 2020, and NSO Group, which developed it, drew strong criticism from around the world. Reports of Pegasus infections appear to have decreased as its modus operandi was revealed, but according to The Citizen Lab, there was evidence that the devices of two Mexican human rights activists were infected with Pegasus through zero-click attacks.

The newly confirmed zero-click attacks target devices running iOS 15 or iOS 16, and at the time of writing, two human rights defenders living in Mexico have been affected. According to The Citizen Lab, one of the two victims was hit with 'FINDMYPWN', which targets the iPhone's Find My feature, and the other with 'PWNYOURHOME', which exploits the iPhone's HomeKit and iMessage. Notably, with HomeKit, users can be targeted even if they have never set up a smart home. In addition to 'FINDMYPWN' and 'PWNYOURHOME', a zero-click attack called 'LATENTIMAGE' was also confirmed.



However, it has also been reported that when Lockdown Mode, the iOS 16 feature that detects cyberattacks, was enabled, 'PWNYOURHOME' triggered a warning notification at the time of the attack and the attack was prevented.

According to The Citizen Lab, the government, drug cartels, and left-wing student movement groups have been in conflict in Mexico for a long time, and by 2022 security had deteriorated to the point that more than 100,000 disappearances had been confirmed in the country. In addition, many politicians and activists in Mexico have been found to be monitored by Pegasus.

New evidence found that journalists' smartphones reporting corruption and human rights violations in Mexico were infected with spyware 'Pegasus' - GIGAZINE



In 2015, 43 students from the University of Education went missing during a demonstration over teacher employment issues and were later found to have been murdered by a local drug gang. It is reported that the student's smartphone was infected with spyware. Also in 2017, three members of a Mexican human rights group who were defending the families of the Iguala mass kidnapping victims were targeted by NSO Group's spyware 'Pegasus'.

Right around the time of the confirmed zero-click attacks in 2022, human rights activists and journalists in Mexico questioned the credibility of 'government-provided evidence of the Iguala mass kidnapping' and criticized the Mexican military for refusing to hand over the documents. At the same time, the arrest warrant issued for a military officer who was an important witness in the Iguala mass kidnapping case was suddenly revoked, and the special prosecutor for the same case was forced to resign. Therefore, The Citizen Lab suggests that the Mexican military and government may be involved in the 2022 zero-click attacks.



An Apple spokesperson said the exploit reported by The Citizen Lab affects only a small number of users and that Apple has already issued a patch to fix the vulnerability. 'We are pleased that Lockdown Mode stopped this sophisticated attack and immediately alerted users to the specific threat before it became known to Apple and security researchers,' he said.

'NSO Group adheres to strict regulations and its technology is used by government clients to combat terrorism and crime around the world,' an NSO spokesperson said.

in Mobile, Security, Posted by log1i_yk