Total
0
Shares
Apple scrambles to address cyber arms dealer targeting new iPhone vulnerability
Source: Aly Song/Reuters
Market Herald logo

Subscribe

Be the first with the news that moves the market
  • Cyber surveillance firm NSO Group developed a tool to break into Apple iPhones with a new technique that's been in use since at least February
  • The discovery is important because the malware requires no user interaction and can infect all versions of Apple's iOS, OSX, and watchOS
  • The vulnerability lies in how iMessage automatically renders images
  • In a statement to Reuters, NSO Group did not confirm or deny that it was behind the technique
  • However, multiple details in the malware shared similarities with prior attacks by NSO Group, including some that were never publicly reported

According to internet security watchdog Citizen Lab, Israeli cyber surveillance firm NSO Group developed a tool to break into Apple iPhones with a never-before-seen technique that's been in use since at least February.

The discovery is important because of the critical nature of the vulnerability, which requires no user interaction and can infect all versions of Apple's iOS, OSX, and watchOS — except those updated by the tech behemoth on Monday.

Apple said it fixed the issue in Monday's software update, confirming Citizen Lab's finding.

"After identifying the vulnerability used by this exploit for iMessage, Apple rapidly developed and deployed a fix in iOS 14.8 to protect our users," said Ivan Krstić, head of Apple's Security Engineering and Architecture.

"Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals."

In a statement to Reuters, NSO Group did not confirm or deny that it was behind the technique, saying only that it would "continue to provide intelligence and law enforcement agencies around the world with life-saving technologies to fight terror and crime."

Citizen Lab said it had found the malware on the phone of a Saudi activist, noting that the device had been infected since February.

The vulnerability lies in how iMessage automatically renders images. The app has been repeatedly targeted by NSO Group and other cyber arms dealers, prompting Apple to upgrade its architecture. That update, however, has not fully protected the system.

"Popular chat apps are at risk of becoming the soft underbelly of device security," said Citizen Lab researcher John Scott-Railton. "Securing them should be top priority."

Citizen Lab said multiple details in the malware shared similarities with prior attacks by NSO Group, including some that were never publicly reported. One process within the hack's code was named 'setframed', the same name given in a 2020 infection of a device used by a journalist at Al Jazeera.

Although NSO Group has said it vets the governments it sells to, its Pegasus spyware has been found on the phones of activists, journalists and opposition politicians in countries with poor human rights records.

More From The Market Herald
Germany headed for coalition government

" Germany headed for coalition government

Germany looks set to be governed by a coalition government for the next four years, based on preliminary results from Sunday’s federal election.
Morrison to meet other Quad nation leaders at White House

" Morrison to meet other Quad nation leaders at White House

Leaders of Quad nations — the US, Australia, India and Japan — will meet at the White House on Friday to discuss cooperation
US envoy to Haiti resigns in protest

" US envoy to Haiti resigns in protest

The US special envoy for Haiti, Daniel Foote, has resigned in protest over the Biden administration removing Haitians from the Texas border.
Currency slides in Lebanon as new government steps up

" Currency slides in Lebanon as new government steps up

The Lebanese Pound has lost nearly 90 per cent of its value as it hits world record inflation rates.