城市生活

揭開新技術和人工智能的力量

專業技術

公民實驗室報告 iPhone 被間諜軟件遠程攻擊

By羅伯特·安德魯

8 年 2023 月 XNUMX 日
公民實驗室報告 iPhone 被間諜軟件遠程攻擊

Citizen Lab, a research group at the University of Toronto, has discovered that an iPhone belonging to a staffer at a Washington-based civil society organization was remotely hacked using spyware developed by Israel’s NSO Group. The hack, which was termed a “zero-click” attack because the victim did not need to interact with any links, was reported to Apple, who swiftly investigated and patched the breach.

The severity of the attack, combined with its use against civil society, highlights the need for serious attention and action. NSO Group, known for its Pegasus hacking tool, has been sanctioned by the US since 2021 for targeting journalists and dissidents beyond their borders. Pegasus allows governments to turn phones into real-time surveillance devices without the user’s knowledge.

Citizen Lab named the exploit chain used in this attack “BLASTPASS,” and it was capable of compromising iPhones running the latest version of Apple’s operating system without any user interaction. NSO Group, however, has claimed it is unable to respond to the allegations without supporting research. Apple acknowledged Citizen Lab’s assistance in resolving the breach and released a patch.

Citizen Lab did not disclose the identity of the targeted individual or organization but recommended that those who may face an increased risk due to their work or status enable Lockdown Mode on their devices. Lockdown Mode restricts apps and features, such as blocking most message attachments. This report follows previous discoveries by Citizen Lab, which found that NSO Group had used zero-click methods to hack civil society groups and spy on prominent figures in Armenia.

NSO Group has faced growing scrutiny worldwide. Poland’s Senate recently published an investigation into the use of Pegasus during the 2019 parliamentary elections, revealing violations of constitutional standards and concluding that the vote was unfair. In response, the Israeli government established a commission to investigate the potential misuse of spyware, including NSO Group’s applications, by the police in criminal investigations.

來源：
——彭博社

