New Zero-Click iPhone Vulnerability Discovered And is Being Exploited in NSO Spyware Attacks 

New Zero-Click iPhone Vulnerability Discovered And is Being Exploited in NSO Spyware Attacks 

Citizen Lab’s digital threat experts have identified a new zero-click iMessage vulnerability used to install NSO Group spyware on the iPhones of Catalan lawmakers, journalists, and activists. A previously undiscovered iOS zero-click security issue, HOMAGE, affects several iOS versions before iOS 13.2. 

Between 2017 and 2020, it was combined with the Kismet iMessage exploit and a WhatsApp flaw in a campaign that targeted at least 65 people with NSO’s Pegasus spyware. According to Citizen Lab, Catalan MEPs, every Catalan president since 2010, Catalan lawmakers, jurists, journalists, members of civil society groups, and their families were among the victims of these attacks. 

“Among Catalan targets, we did not see any instances of the HOMAGE exploit used against a device running a version of iOS greater than 13.1.3. It is possible that the exploit was fixed in iOS 13.2,” said the Citizen Lab.”At this time the Citizen Lab is not conclusively attributing these hacking operations to a particular government; however, a range of circumstantial evidence points to a strong nexus with one or more entities within Spanish government,” Citizen Lab added. 

According to Reuters last year, NSO spyware was also employed in cyberattacks on senior European Commission officials, including the European Justice Commissioner. Ron Dilbert, the Director of Citizen Lab, also revealed many potential Pegasus spyware breaches within official UK networks to the United Kingdom government. 

Pegasus operators affiliated to the UAE were linked to a suspected infection on a device belonging to a Prime Minister’s Office officer, while attacks on the UK’s Foreign and Commonwealth Office were traced to the UAE, Cyprus, India, and Jordan. After US Department of State officials discovered that their iPhones had been hacked to install the same spyware, Finland’s Ministry of Foreign Affairs said in January that the smartphones of Finnish diplomats had been infected with NSO Group’s Pegasus spyware. 

The European Parliament is establishing a committee of inquiry (which will meet for the first time on April 19) to look into any violations of EU legislation caused by NSO Pegasus and similar spyware. Pegasus, a spyware program created by the Israeli espionage business NSO Group, is touted as surveillance software leased to agencies all over the globe for “investigating crime and terror.” 

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.

Share: