Researchers at the University of Toronto’s Citizen Lab said the exploitation of the software has been used since February and has been used to deploy Pegasus, the spyware manufactured by the Israeli firm NSO Group that was allegedly used by oversee journalists and human rights defenders in various countries.
The urgent update that Apple released on Monday covers a hole in iMessage software that allowed hackers to infiltrate a user’s phone without the user clicking on any links, according to Citizen Lab. The Saudi activist chose to remain anonymous, Citizen Lab said.
Apple credited Citizen Lab researchers to finding the vulnerability.
“Attacks like the ones described are very sophisticated, cost millions of dollars to develop, often have a short lifespan and are used to target specific people,” Ivan Krsti, head of engineering, said in a statement. and Apple Security Architecture.
Krsti said Apple addressed the issue quickly with a software solution and that the vulnerability “is not a threat to the vast majority of our users.”
However, security experts encouraged users to upgrade their mobile devices to protect them.
In a statement, the NSO group did not address the allegations, only said: “The NSO group will continue to provide intelligence and police agencies around the world with life-saving technologies to fight terror and crime.”
The firm has previously said that its software is only sold to verified customers for anti-terrorism and law enforcement purposes.
Researchers, however, claim to have found multiple cases in which spyware was deployed to dissidents or journalists. In 2019, Citizen Lab analysts alleged that Pegasus was being used on the cell phone of the wife of a murdered Mexican journalist.
In a lawsuit filed in 2019, Facebook accused the NSO group of being complicit in a hack of 1,400 mobile devices via WhatsApp. (The NSO group discussed the allegations at the time).
The proliferation of easy-to-use mobile hacking tools has given governments around the world a new and stealthy means to target opponents. According to reports, a sophisticated spyware program manufactured by the NSO group and other providers has been used from Uzbekistan to Morocco.
The rise of spyware prompted a group of UN human rights experts in August to call for a moratorium on the sale of these surveillance tools. The UN panel said the ban should remain in place until governments “have established robust regulations that ensure its use in accordance with international human rights standards.”
The-CNN-Wire & 2021 Cable News Network, Inc., a WarnerMedia company. All rights reserved.