WASHINGTON – An iPhone belonging to a staffer at a Washington-based civil society organisation was hacked remotely with spyware created by Israel’s NSO Group.
The hack was discovered last week and reported to Apple, which moved quickly to investigate and patch the breach, according to Mr John Scott-Railton, a senior researcher with Citizen Lab at the University of Toronto’s Munk School.
NSO Group has been sanctioned by the US since 2021 due to its Pegasus hacking tool, which has been used by some governments to target journalists and dissidents beyond their borders.
It is a so-called zero-click hack, in which the user doesn’t need to click on a link in order for malware to install software that can turn phones into real-time surveillance devices.
“The gravity of the attack, which is a zero click, combined with the fact that it was being actively used in the wild against civil society makes it clear that this is the kind of thing that needs to be taken really seriously and prioritised, and we’re glad that Apple did that,” Mr Scott-Railton said, in an interview.
Citizen Lab called the exploit chain BLASTPASS in a blog post on Thursday, and said it was capable of compromising iPhones running the latest version of Apple’s operating system without any interaction from the victim.
A spokesman for Apple confirmed the account.
“We are unable to respond to any allegations that do not include any supporting research,” a spokesman for NSO Group said.
The company has previously said Pegasus doesn’t work on phone numbers with the +1 county code used in the US and Canada.
Citizen Lab did not identify the targeted individual or organisation.
EU finds signs of Pegasus spyware use on top officials' phones
Apple users urged to update devices to prevent breach by Pegasus spyware
Earlier this year, the research group found that NSO Group had used at least three zero-click methods to hack civil society groups, and the company’s tools have been linked to spying on prominent figures in Armenia, including a United Nations official.
In reporting the latest breach, Citizen Lab recommended “everyone who may face increased risk because of who they are or what they do to enable Lockdown Mode” on their devices.
Lockdown Mode severely restricts apps and features on a person’s phone – for example blocking most message attachments.
The report comes as NSO Group has faced increased scrutiny around the world.
On Thursday, Poland’s Senate published the results of an investigation into the use of Pegasus during the 2019 parliamentary elections that found violations of constitutional standards and said the vote was not fair due to the use of the spyware.
In August, the Israeli government announced that it had set up a commission to investigate whether police misused spyware, including applications made by NSO Group, in criminal investigations. BLOOMBERG
Activists to sue Thai government over Pegasus spyware use
Mexico president denies spying on critics after Pegasus allegations
Join ST’s Telegram channel and get the latest breaking news delivered to you.
p.st_telegram_boilerplate:before {
display: inline-block;
content: ” “;
border-radius: 6px;
height: 6px;
width: 6px;
background-color: #12239a;
margin-left: 0px;
margin-right: 13px;
}
a.st_boilerplate {
font-family: “SelaneWebSTForty”, Georgia, “Times New Roman”, Times, serif;
}