abusesaffiliationarrow-downarrow-leftarrow-rightarrow-upattack-typeburgerchevron-downchevron-leftchevron-rightchevron-upClock iconclosedeletedevelopment-povertydiscriminationdollardownloademailenvironmentexternal-linkfacebookfiltergenderglobegroupshealthC4067174-3DD9-4B9E-AD64-284FDAAE6338@1xinformation-outlineinformationinstagraminvestment-trade-globalisationissueslabourlanguagesShapeCombined Shapeline, chart, up, arrow, graphLinkedInlocationmap-pinminusnewsorganisationotheroverviewpluspreviewArtboard 185profilerefreshIconnewssearchsecurityPathStock downStock steadyStock uptagticktooltiptwitteruniversalityweb
Article

24 Aug 2021

Author:
Zack Whittaker, TechCrunch

Bahrain: New NSO zero-click attack evades Apple’s iPhone security protections, says Citizen Lab

[A] Bahraini human rights activist’s iPhone was silently hacked earlier this year...

Citizen Lab... analyzed the activist’s iPhone... The zero-click attack took advantage of a... security vulnerability in Apple’s iMessage, which was exploited to push [NSO's Pegasus spyware]...

The hack is significant, not least because Citizen Lab researchers said it found evidence that the zero-click attack successfully exploited the latest iPhone software at the time... [T]he hacks also circumvent a new software security feature... dubbed BlastDoor...

Citizen Lab’s... researchers made Apple aware of the efforts to target and exploit up-to-date iPhones. When reached by TechCrunch, Apple would not explicitly say if it had found and fixed the vulnerability that NSO is exploiting.

In a boilerplate statement re-released Tuesday, Apple’s head of security... said: “Apple unequivocally condemns cyberattacks against journalists, human rights activists… Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals. While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections...”

Apple said BlastDoor was not the end of its efforts to secure iMessage and that it has strengthened its defenses...

Citizen Lab said the Bahraini government was likely behind the targeting...

NSO Group did not answer specific questions nor would it say if the Bahraini government was a customer... NSO said that it had not seen Citizen Lab’s findings and that it would investigate if it receives “reliable information related to misuse of the system.”

... [The Bahraini government said:] “These claims are based on unfounded allegations and misguided conclusions..."

Timeline