Monday, May 12, 2025
A New iPhone Zero-Click iMessage Zero-Day Used to Deploy Pegasus Spyware

Security researchers at the Citizen Lab Research Center at the University of Toronto have recently discussed a vulnerability in iOS that can be easily exploited in just one click.

According to the report, this vulnerability was previously unknown; the experts came to know about it because it has been exploited in different attacks since February 2021.

According to the reports, this vulnerability has been exploited in attacks against various activists and protesters in Bahrain. The security analysts have now detected a new exploit linked to the Israeli commercial spyware maker NSO Group.

New iPhone Zero-Click Exploit Popped Up in February 2021 

The new iPhone zero-click exploits were detected in February 2021; the NSO Group initiated the attacks using the new iMessage zero-click exploit.

The Citizen Lab affirmed that, while investigating the exploit, they observed the FORCEDENTRY exploit deployed against iOS versions 14.4 and 14.6 as a zero-day.

Following the investigation, the analysts asserted that disabling iMessage leads to other issues, such as sending unencrypted messages that a resourceful cybercriminal can easily intercept.

NSO Group’s Pegasus used in high-profile attacks

This attack is one in a long string, and the vulnerability is part of this larger campaign. During the investigation, experts noticed that the NSO Group’s Pegasus spyware was used to spy on reporters and human rights defenders (HRDs) worldwide.

Pegasus is a spyware tool produced by the Israeli surveillance firm NSO Group. It was marketed as surveillance software “licensed to legal government companies for the single purpose of reviewing the crime and terror.”

This is not the first time that the security authorities have detected the Pegasus tool. As per the report, the Citizen Lab discovered some Pegasus licensees in 2018 that were using it for cross-border surveillance in different countries along with state security services.

Guarding Against Zero-Click Attacks Involves Tradeoffs 

This specific attack might be prevented by disabling iMessage and FaceTime. Apart from these two messaging apps, the NSO Group has successfully exploited many other apps, including WhatsApp.

Disabling iMessage and FaceTime would not help to stop this attack, and it will not provide complete protection to the victim. Apart from this, disabling iMessage means that messages transferred via Apple’s built-in Messages app would be sent unencrypted, which gives threat actors a way to intercept them.

However, the researchers are not clear about the full approach that the threat actor is implementing. The recent discoveries nonetheless imply that the NSO Group’s customers are able to remotely compromise all current iPhone models and versions of iOS.

Moreover, the NSO Group is dealing with many programs, which is why the analysts have suggested that all customers stay alert to this kind of attack.

Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.
