Researchers at digital watchdog group Citizen Lab said on Thursday they found spyware they linked to Israeli firm NSO that exploited a newly discovered flaw in Apple (AAPL.O) devices. The flaw, which is named after its ability to bypass Apple’s “zero-click” security policy and get around the company’s iMessage encryption feature, allowed hackers to infiltrate devices and grab data, including camera and microphone information, emails, call logs, photos, messages – even encrypted ones – and other details like the user’s location and more.
It also allows attackers to execute arbitrary code with full kernel privileges remotely, and it was used to attack iPhones running iOS versions as recent as 16.6, the lab said. The flaw was spotted last week by Citizen Lab while inspecting the Apple device of an employee of a Washington-based civil society group. The lab said it found the flaw had been used to infect the device with NSO’s Pegasus spyware, which it has previously reported was abused by governments in Mexico and the United Arab Emirates for surveillance of dissidents and journalists.
The new findings blow Apple’s reputation as the maker of primarily hack-proof devices. They also undermine NSO’s claims that it only sells its technology to government agencies for use against criminals and terrorists and that the firm audits customers to ensure their software is not abused, the researchers said.
Apple issued updates for its phones and tablets, including the latest version of iOS, to address the flaw. The updates were pushed out to consumers on Monday. Users should get an alert on their phone or tablet to update the software, though they can also access the newest updates by going into the Settings app, choosing general, and then software update.
While Apple has closed the flaw in this particular attack, it’s important to remember that spyware is a big business, and there will likely be other ways that hackers can gain access to your device. The fact that the flaw could infect a victim’s device without them clicking on a message or link underscores the importance of always keeping your phones and tablets up to date, the researchers said.
Apple declined to comment on the report, while NSO did not respond to a request for comment. The U.S. government has blocked the Israeli company since 2021 for alleged misuse of its spyware, such as spying on officials and journalists. Despite the scrutiny, NSO continues to offer its software for sale to governments worldwide. Its products are sold in 45 countries. NSO’s Pegasus is one of the most sophisticated surveillance tools on the market, according to a report last year by cybersecurity company Lookout. Governments have used it to spy on dissidents, journalists, human rights activists, and others who have criticized their government. NSO has been pressured to clean up its act after an international media investigation found that authoritarian regimes were abusing the software.
