NSO Pegasus software exploited iOS vulnerability to spy on activists

Get a free Techzine subscription!

A new report says that the Israel-based cybersecurity company NSO Group Technologies was used by the Bahrain government to spy on people, using vulnerabilities in Apple’s mobile operating system, iOS.

The report comes from Citizen Lab and says that Bahrain used NSO software between June 2020 and February 2021 to spy on nine activists within its borders. Countries spying on their people is so prevalent now, you might as well always assume it is happening. However, the story is interesting because the NSO software bypassed iOS security. As with other reports of spyware from NSO, Pegasus was used for spying.

Citizen Lab

The researchers from Citizen Lab claim that the compromised iPhones were bypassed by Pegasus using a zero-click iMessage exploit known as KISMET. The exploit required a targeted iPhone to get a message for the spyware to compromise the operating system and monitor internet traffic without interactions from the user.

KISMET was a vulnerability in iOS up to version 13.7. subsequent versions from Apple included a security feature known as ‘BlastDoor’ to defend against zero-click iMessage attacks. Although the Apple update stopped zero-click attacks, the vulnerability is still exploitable if a user clicked on a link in an iMessage, which is how Pegasus gained access to targeted iPhones.

Controversy

Though the report may be controversial, no one can say NSO employees are not smart. In April, they found a new zero-click exploit in iOS called FORCEDENTRY. The name for the exploit was given by the researchers because it forced entry past the BlastDoor. The vulnerability is present in iOS versions up to v14.6 and could be present in v14.7. The researchers said they informed Apple of the exploit but the iPhone maker has declined to comment.