NSO hacked iPhones without user clicks in 3 new ways, researchers say

Related: NSO Group’s Pegasus Spyware Returns in 2022 with a Trio of iOS 15 and iOS 16 Zero-Click Exploit Chains (Citizen Lab)

______________________________________________________________________

Source: Washington Post

NSO hacked iPhones without user clicks in 3 new ways, researchers say

Examination of phones from Mexico led to the discoveries

By Joseph Menn
Updated April 18, 2023 at 2:43 p.m. EDT|Published April 18, 2023 at 7:00 a.m. EDT

SAN FRANCISCO — Israeli spyware maker NSO Group deployed at least three new “zero-click” hacks against iPhones last year, finding ways to penetrate some of Apple’s latest software, researchers at Citizen Lab have discovered.

The attacks struck phones with iOS 15 and early versions of iOS 16 operating software, Citizen Lab said in a report Tuesday. The lab, based at the University of Toronto, shared its results with Apple, which has now fixed the flaws that NSO had been exploiting.

The attacks targeted human rights activists who were investigating the 2015 mass kidnapping of 43 student protesters in Mexico, other suspected military abuses, and the related government response, Citizen Lab said. Mexico has been a major NSO customer.

According to Citizen Lab, one of the attacks, in September 2022, coincided with a report by international experts challenging government evidence in the 2015 case and its interference with the investigation.

-snip-

Read more: https://www.washingtonpost.com/technology/2023/04/18/nso-apple-iphones-citizen-lab/

Non-paywalled link: https://archive.is/nVs90