Explained: Pegasus spyware uses Zero-click attack to break iPhone security, access data secretly
It was created by Israel's NSO Group and took advantage of a flaw in iMessage that allowed the Pegasus malware to spread across the phone and take control.
Author: Shagun
The iPhone of a Bahraini human rights activist was silently hacked early this year by the sophisticated Pegasus spyware, which has been used by various countries across the world, but this time without the device owner’s interaction.
Citizen Lab, a Toronto-based watchdog group, discovered this after analysing the activist's iPhone 12 Pro and finding evidence that suggested the device was hacked in February using a never-before-seen zero-click attack.
The attack was created by Israel's NSO Group and took advantage of a flaw in iMessage that allowed the Pegasus malware to spread across the phone and take control.
Can regular updates make your iPhone safe?
Since this attack occurred in February and iOS has received multiple updates in the months since, one would expect phones to be secure by now. Unfortunately, this is not the case.
According to Citizen Lab researchers, the zero-click assault has successfully exploited both the most recent iOS 14.4 upgrade and the iOS 14.6 version that was released in May.
What's more alarming is that the spyware can bypass all of iOS 14's built-in security features, including BlastDoor, which is supposed to prevent such attacks by ensuring that no dangerous data is transferred through iMessage.
The attack is named 'Forced Entry' as it successfully breached the BlastDoor security.
Apple’s response to exploited vulnerability
“Apple unequivocally condemns cyberattacks against journalists, human rights activists, and others attempting to make the world a better place,” said Ivan Krstic, Apple's head of security engineering and architecture.
“Such attacks are very sophisticated, cost millions of dollars to develop, have a short shelf life, and are used to target specific individuals.”
“While this means they pose no harm to the vast majority of our users,” he continued, “we proceed to work hard to secure all of our customers and we are constantly implementing additional security for their devices and data.”
An Apple official said that BlastDoor would not be the only line of defence for safeguarding iMessage and that other protections would be added with the future iOS 15 upgrade, which is expected to arrive next month.
Bahraini government is believed to be behind the attacks
Between June 2020 and February 2021, over eight Bahraini activists were targeted with the snoopware. Citizen Lab said that the Bahraini government could be behind the attacks.
Bahrain is one of several authoritarian countries known to be government customers of Pegasus, including Saudi Arabia, Rwanda, the United Arab Emirates, and Mexico. However, citing nondisclosure agreements, NSO has consistently refused to name or verify its dozens of customers.
Government clients of NSO's spyware have almost complete access to their targets' devices, including personal data, images, texts, and whereabouts. Over 50,000 phone numbers are the potential targets of Pegasus malware.
One of the phone numbers listed belongs to a member of the Bahrain Center for Human Rights.
Citizen Lab revealed that before Forced Entry, another zero-click attack known as Kismet was used against targets. Kismet has stopped working on iOS 14 and later since the launch of BlastDoor, according to Citizen Lab, although iPhones running previous versions are still at risk.
Two more Bahrainis in exile in London, photojournalist Moosa Abd-Ali and activist Yusuf Aljamli, have also previously been targeted by FinFisher spyware sold to the Bahraini government.
Abd-Ali, who claims he was detained and tortured in Bahrain, said he believed he would be safe in Britain but had been subjected to physical and digital surveillance.
The Bahraini government, on the other hand, claims to be “committed to protecting individual rights and freedoms.”