Israeli tech firm NSO Group has reportedly developed at least three new zero-click exploits targeting iPhones running iOS 15 and early versions of iOS 16, according to cybersecurity researchers at the University of Toronto’s Citizen Lab. The new version of the notorious Pegasus spyware poses a renewed threat to the privacy and security of activists, journalists, government officials, and corporate executives.
Citizen Lab discovered the three previously unknown iOS zero-click exploits while investigating malware infections on the iPhones of human rights defenders in Mexico. Named FindMyPwn, PwnYourHome, and LatentImage, these exploits have been used in Pegasus attacks in 2022.
FindMyPwn, a two-step exploit targeting the Find My feature and iMessage, was first used against iPhones running iOS 15 in June 2022. PwnYourHome, another two-step exploit targeting HomeKit and iMessage, was used against iOS 15 and 16 devices starting in October 2022. LatentImage, discovered on only one device, appears to be the first new exploit used by NSO in 2022.
Apple was informed about the findings in October 2022 and January 2023. The tech giant has since fixed the vulnerabilities, including CVE-2023-23529, which was patched in February. Apple sent out notifications to targeted users in November and December 2022, as well as in March 2023. Over the past year, Apple has patched approximately a dozen iOS zero-day vulnerabilities.
Despite the vulnerabilities being fixed, the threat from Pegasus and other spyware remains. Citizen Lab recommends high-risk users employ Apple’s Lockdown Mode, a feature available on iOS 16, iPadOS 16, and macOS Ventura, designed to combat the growing problem of mercenary spyware. Lockdown Mode severely limits a device’s abilities but offers increased security from corporate espionage and state-sponsored hacking syndicates.
Researchers found that devices with Lockdown Mode enabled received real-time warnings when targeted by the PwnYourHome exploit. To date, there are no known cases of the exploit successfully used against devices with Lockdown Mode switched on.
These revelations highlight the persistent and evolving threat posed by the Pegasus spyware and similar tools. The continued development of new zero-click exploits by the NSO Group underscores the importance of robust cybersecurity measures and practices, particularly for high-risk individuals and organizations.
Award-winning mobile security
Certo's industry-leading spyware detection tools for iPhone and Android are trusted by millions worldwide.