Discovery of a Critical Vulnerability, Israeli Spyware Strikes iPhone Again in 2023

Researchers from the digital security group "Citizen Lab" have revealed that they discovered spyware linked to the Israeli company NSO, which exploited a newly discovered vulnerability in Apple devices.

The group explained in a statement that during an examination of an Apple device belonging to a member of a civil society group in Washington last week, they found that the flaw had been used to infect the device with the NSO's spyware, known as "Pegasus."

Bill Marczak, a senior researcher at Citizen Lab, told Reuters, "The indications confidently point to NSO's Pegasus spyware being responsible for the hacking operation, based on the forensic evidence we obtained from the targeted device."

He noted that the attacker likely made a mistake during the installation process, which is how the engineers at Citizen Lab stumbled upon the spyware.

Citizen Lab's statement explained that the breach, known as "ForcedEntry," can compromise iPhones running the latest version of the iOS operating system (iOS 16.6) without any interaction from the victim.

Citizen Lab promptly informed Apple of its findings, and Apple released updates related to the exploit chain. The statement from Citizen Lab urged everyone to update their devices immediately, stating that Apple's security engineering team confirmed that the new updates specifically block this attack.

This recent discovery once again demonstrates that civil society is being targeted through highly advanced exploitation operations and complex spyware, according to Citizen Lab.

The Israeli company has been on the US government's blacklist since 2021 due to alleged violations, including monitoring government officials and journalists.