Google says NSO Group iPhone hack was “incredible and terrifying”

There’s no defense from the zero-click attack

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

The recently-discoveredNSO Group Pegasus iPhone hackis both “incredible” and “terrifying”,Google’s engineers have said.

In a detailed two-part blog post, Google Project Zero engineers Ian Beer & Samuel Groß explained how the NSO Group (an Israeli technology firm primarily known for its proprietary spyware) designed an attack mechanism “against which there is no defense," as nomobile antiviruswould be able to spot it.

Also known as a “zero-click” exploit, it’s just as it sounds - the victim doesn’t even need to click anything in order to be compromised. Basically, all it needs to do is receive an SMS message viaApple’s iMessage service.

Under attack

The attack methodology itself is rather complex, and involves “fake” gifs, CoreGraphics PDF parsers, the JBIG2 codec, and an entirely “new” computer architecture that is “not as fast as Javascript, but it’s fundamentally computationally equivalent”.

You can find a detailed breakdown of how the vulnerability works onthis link.

The vulnerability is logged as CVE-2021-30860, and has been fixed on September 13, 2021 in iOS 14.8. Apparently, there’s also anAndroidversion, but the researchers are yet to get a sample.

Banning NSO Group

In November 2021, the U.S. Department of Commerce said the NSO Group sold its spyware to foreign governments, which then used it to target government officials, journalists, businesspeople, activities, academics, and embassy workers. It added the company to its “entity list”, whichessentially bans it from the US market.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Soon afterwards, Apple also filed for a permanent injunction which would ban the NSO Group from using any of its software, hardware, or services.

“Based on our research and findings, we assess this to be one of the most technically sophisticated exploits we’ve ever seen, further demonstrating that the capabilities NSO provides rival those previously thought to be accessible to only a handful of nation-states,” the researchers concluded.

There is no telling how many people might have been targeted with this exploit, but we do know of a Saudi activist that was targeted earlier this year. It was Citizen Lab that managed to capture the dreaded message and examine it.

You might also want to check out our list of thebest VPN servicesright now

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics

This new phishing strategy utilizes GitHub comments to distribute malware

Smeg Combi Steam Oven review: a multi-functional countertop oven that looks stunning and cooks well