NSO Hacked iPhones Without User Clicks in 3 New Ways, Researchers Say

Israeli spyware maker NSO Group deployed at least three new "zero-click" hacks against iPhones last year, finding ways to penetrate some of Apple's latest software, researchers at Citizen Lab have discovered. From a report: The attacks struck phones with iOS 15 and early versions of iOS 16 operating software, Citizen Lab said in a report Tuesday. The lab, based at the University of Toronto, shared its results with Apple, which has now fixed the flaws that NSO had been exploiting. It's the latest sign of NSO's ongoing efforts to create spyware that penetrates iPhones without users taking any actions that allow it in. Citizen Lab has detected multiple NSO hacking methods in past years while examining the phones of likely targets, including human rights workers and journalists.

While it is unsettling to civil rights groups that NSO was able to come up with multiple new means of attack, it did not surprise them. "It is their core business," said Bill Marczak, a senior researcher at Citizen Lab. "Despite Apple notifying targets, and the Commerce Department putting NSO on a blacklist, and the Israeli ministry cracking down on export licenses -- which are all good steps and raising costs -- NSO for the moment is absorbing those costs," Marczak said. Given the financial and legal fights NSO is involved in, Marczak said it was an open question how long NSO could keep finding or buying new exploits that are effective.

iPhone, uPhone, wePhone

[gweihir]

And everybody listens in. Obviously these designs have gotten far too complex to be secure.

Re: iPhone, uPhone, wePhone

[IdanceNmyCar]

I skate. You skate. We skate. Maybe we can get together and be a skating couple.

Secure?

[bagofbeans]

Do any of these exploits work if JS is disabled?

Re:

[gweihir]

Does the phone still work if JS is disabled?

Re: Secure?

[forceshield]

The last attack was an invisible text message sent at carrier level. I'm sure they are doing more than just exploiting some js.

Just try it

[PPH]

I hired Shawn Kemp to look after my phone for me.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[clovis]

So if you or I hack or backdoor a device, we either get charged under the DMCA or computer intrusion laws, but an Israeli company is free to do whatever they want?

How is what they're doing at all legal? Is it because government agencies are purchasing it to spy on their own citizens?

The US Commerce department did put sanctions on NSO Group, but darned if I can figure out what that means to the NSO group, if anything.
https://www.commerce.gov/news/... [commerce.gov]

https://www.aljazeera.com/news... [aljazeera.com]

Re:

[Arethan]

The DMCA is US legislation, which has no jurisdiction over companies or citizens that operate within another country.
https://en.wikipedia.org/wiki/... [wikipedia.org]

Aside from asking for political favors, a military visit to "spread democracy", or an equally "illegal" clandestine action to directly address the issue, there is nothing the US can do about events that happen outside their borders that are performed by non-US citizens.

The US claims they don't use software from NSO group, but it doesn't really matter if they d

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[ewibble]

Why? Do you think the US doesn't spy on both enemies and allies. Of course it does the recent leaks have proved it does, but it was obvious it was doing it before.

I am sure most countries spy, this is just for show.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[omnichad]

Different countries have different laws? Can't believe it.

Re:

[BishopBerkeley]

Apple's lawsuit is ongoing. Your point is quite valid. Apple is furious that NSO is profiting off its ability to break Apple's iOS. This cannot be a legitimate business models. Hackers go to jail, not to the stock market. https://www.apple.com/newsroom... [apple.com] https://news.bloomberglaw.com/... [bloomberglaw.com] https://techcrunch.com/2023/01... [techcrunch.com]

Re:

[BishopBerkeley]

Or perhaps it's a market they want to enter by selling their wares to the Pentagon. None of this bodes well. It's incredibly dispiriting.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[NoMoreACs]

So if you or I hack or backdoor a device, we either get charged under the DMCA or computer intrusion laws, but an Israeli company is free to do whatever they want?

How is what they're doing at all legal? Is it because government agencies are purchasing it to spy on their own citizens?

I don't think it is.

Apple should hack NSO group

[BishopBerkeley]

If Apple loses the lawsuit it has going against NSO, then it means that Apple is legally cleared to hack NSO, and Apple should hire the best hackers in the world to destroy NSO. NSO has to be really careful because if it succeeds in claiming that hacking for the purpose of extrajudicial state surveillance is a legitimate business, then NSO itself becomes vulnerable to state sponsored attacks by the US, EU states and any other government that hates it. Be careful what you wish for, as the saw goes. https:// [apple.com]

Horrible Design?

[spiritwave]

While I am reasonably tech savvy, I do not understand how an operating system can be so (at least seemingly) poorly designed, that it allows this type of attack at all.

The Pegasus attack, memory serving, simply sends a text message that does not even need to be opened.

If this is horrible OS software development on Apple's end, then it is fascinating to witness people shelling out a lot of money for a terribly insecure device (that likely includes conducting financial transactions).

Is there an equivalent 'no

Didn't Moxie find unlicensed Apple code?

[bd580slashdot]

Didn't Moxie find unlicensed Apple code when someone sent him NSO stuff to reverse? I was hoping Apple would sue NSO, but never heard anything more. Thoughts? *wanders off to SearX for it* :)

kind miss the old Slashdot ...