Researchers at Citizen Lab at the Munk School at the University of Toronto have raised concerns about the proliferation of spyware used by NSO Group, a powerful Israeli cyber intelligence firm. They discovered that an individual employed by an organization with international offices was targeted with NSO Group’s hacking software. The attack was uncovered while researchers were examining the individual’s device.

The attack employed a “zero-click exploit,” which allowed the spyware to infect the user’s mobile device through a previously unknown security flaw in the phone’s operating system, without the need for the user to click on a malicious link. Apple has since released an iOS patch to address the security vulnerability.

NSO Group claims that it only sells its spyware to government clients for use in combating serious crime and terrorism. However, there have been documented cases of the spyware being misused by government clients in various countries. Once a phone is infected, the spyware grants its operator, often a foreign government intelligence service or police entity, total access to the device, including encrypted conversations and messages on popular applications like Signal or WhatsApp. It can also turn the phone into a listening device, enabling the operator to manipulate the device’s recording capabilities.

Recent attacks targeting journalists, diplomats, foreign government officials, and activists prompted the Biden administration to blacklist NSO Group in 2021. Additionally, the company is facing lawsuits from Apple and WhatsApp.

The research conducted by Citizen Lab pointed to NSO Group’s Pegasus spyware as the likely culprit behind the attack. Bill Marczak, a senior researcher at Citizen Lab, expressed high confidence in this attribution based on forensic evidence. He also noted that the discovery of the spyware was likely due to an error made by the operator during installation.

This incident once again highlights the need for increased scrutiny and regulation surrounding the use of powerful hacking tools like NSO Group’s spyware. Efforts must be made to protect individuals and organizations from unauthorized surveillance and potential abuse of these technologies.

Sources:

- Citizen Lab at the Munk School at the University of Toronto

- Reuters