An Israeli spyware firm targeted the iPhone of a Saudi activist, exploiting a flaw in the messaging app that prompted Apple to release a software update to patch a cyber-security hole, according to Middle East Eye.
All iPhones running software before the 14.8 update, which was issued on Monday, are vulnerable to an exploit created by NSO, an Israeli cyber-security firm that sold its sophisticated spyware Pegasus to a number of Middle Eastern governments.
Citizen Lab, a Canadian research organization focused on digital threats to civil rights, announced on Monday that it uncovered the “Forcedentry” flaw while testing the iPhone of a Saudi activist in March. The activist did not want to be identified.
An exploit is a piece of software, a chunk of data, or a set of commands that takes advantage of a defect or vulnerability in a program or system to produce unintended or unexpected behavior.
The “Forcedentry” attack, Citizen Lab says, “is distinctive enough to point back to NSO,” as it utilizes a hacking mechanism similar to Pegasus spyware, which NSO created and sold to a number of states, including Saudi Arabia, the United Arab Emirates, and Morocco.
Apple acknowledged that “Forcedentry” is a software flaw that works by infecting a device with a “crafted PDF” sent through the iMessage app, allowing the device to be hacked.
It has since issued a software update, version 14.8, to address the issue.
Pegasus is also zero-click malware, which means it doesn’t require users to click on suspicious links or threatening texts, making it more difficult to detect.
It works by sending push notifications to smartphones, sometimes without the owner’s knowledge, instructing the phone to upload its content, such as photos, emails, documents, voice and written messages, to servers linked to the NSO Group.