Citizen Lab found an actively exploited zero-click vulnerability being used to deliver NSO Group’s Pegasus mercenary spyware while checking the device of an individual employed by a Washington DC-based civil society organization with international offices. We refer to the exploit chain as BLASTPASS. The exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any interaction from the victim.

In 2022, the Citizen Lab gained extensive forensic visibility into new NSO Group exploit activity after finding infections among members of Mexico’s civil society, including two human rights defenders from Centro PRODH, which represents victims of military abuses in Mexico.

Front Line Defenders’ analysis indicated that six devices belonging to six Palestinian human rights defenders were hacked with Pegasus, a spyware developed by the cyber-surveillance company NSO Group. Both the Citizen Lab and Amnesty International’s Security Lab independently confirmed these findings.

Ron Deibert joined Democracy Now to discuss how Citizen Lab research of a zero-click zero-day exploit—used by NSO Group—led Apple to issue a patch to over 1.65 billion products.

While analyzing the phone of a Saudi activist infected with NSO Group’s Pegasus spyware, we discovered a zero-day zero-click exploit against iMessage. The exploit, which we call FORCEDENTRY, targets Apple’s image rendering library, and was effective against Apple iOS, MacOS and WatchOS devices.

لقد حددنا تسعة نشطاء بحرينيين تم اختراق أجهزتهم الآيفون باستخدام برنامج تجسس “Pegasus” من NSO Group في الفترة ما بين يونيو 2020 و فبراير 2021. بعض النشطاء قد تم اختراقهم باستغلال ثغرتين zero-click في iMessage, كنا قد سمينا الثغرتين التي تم اكتشافها في 2020 ب KISMET، أما الثغرة المستخدمة في 2021 فنسميها FORCEDENTRY

We identified nine Bahraini activists whose iPhones were successfully hacked with NSO Group’s Pegasus spyware between June 2020 and February 2021. The hacked activists included three members of Waad (a secular Bahraini political society), three members of the Bahrain Center for Human Rights, two exiled Bahraini dissidents, and one member of Al Wefaq (a Shiite Bahraini political society).

In its most recent response to the Citizen Lab regarding the The Great iPwn report, NSO Group extended an invitation to meet and discuss the Citizen Lab’s concerns and NSO Group’s “program” in more detail.  We do not believe this invitation is made in good faith and have declined.

As highlighted by a coalition of human rights organizations in a letter to NSO Group released today, NSO Group continues to fail in human rights compliance. The company has fallen far short of numerous promises and commitments it made, in particular with regards to transparency and its human rights due diligence framework.