Researchers from the University of Toronto-based Internet watchdog Citizen Lab have revealed that the Pegasus spyware tool, developed by Israeli cyber intelligence firm NSO, has been used to silently compromise the iPhones of dozens of journalists.
For most of the past year, London-based reporter Rania Dridi and at least 36 journalists, producers, and executives working for the Al Jazeera news agency were targeted by a special “zero-click” spyware attack that exploited a vulnerability in Apple’s iMessage platform. While the vulnerability has now been fixed, the attack worked ingeniously for a while by compromising the victims’ devices without having to trick them into opening a malicious link. Hence, the term “zero-click” spyware.
After Al Jazeera investigative journalist Tamer Almisshal suspected that his iPhone might have been hacked, Citizen Lab was notified and asked to look into the situation. The Canadian laboratory finally released its technical report on Sunday, revealing that the journalists’ iPhones were targeted by spyware developed by the Israeli agency NSO Group.
“The phones were compromised using an exploit chain that we call KISMET, which appears to involve an invisible zero-click exploit in iMessage in iPhones,” the report stated.
“Based on logs from compromised phones, we believe that NSO Group customers also successfully deployed KISMET or a related zero-click, zero-day exploit between October and December 2019,” the report added.
The NSO Group is already in hot water with Facebook, with the social media giant accusing it of using the Pegasus spyware to infect almost 1,400 WhatsApp accounts, mostly belonging to celebrities.
Meanwhile, the Citizen Lab researchers have shared their findings with Apple and the company is now investigating the matter as well.
NSO has been denying these assertions, however, claiming that it has no access to any information related to the identities of the journalists.
“This is the first we are hearing of these assertions. As we have repeatedly stated, we do not have access to any information related to the identities of individuals upon whom our system is alleged to have been used to conduct surveillances,” said an NSO spokesperson in a statement to TechCrunch.