Skip to main content

New Pegasus zero-click iPhone attack defeats Apple’s Blastdoor protections

A newly discovered NSO Pegasus zero-click iPhone attack against a human rights activist managed to succeed despite Apple’s Blastdoor protections, according to security researchers at Citizen Lab.

It is unclear, however, whether the protections Apple added to iOS 14.7.1 would have succeeded in blocking the attack, as it took place at a time when iOS 14.6 was the latest version available …

TechCrunch reports.

A Bahraini human rights activist’s iPhone was silently hacked earlier this year by a powerful spyware sold to nation-states, defeating new security protections that Apple designed to withstand covert compromises, say researchers at Citizen Lab.

The activist, who remains in Bahrain and asked not to be named, is a member of the Bahrain Center for Human Rights, an award-winning nonprofit organization that promotes human rights in the Gulf state. The group continues to operate despite a ban imposed by the kingdom in 2004 following the arrest of its director for criticizing the country’s then-prime minister.

Citizen Lab, the internet watchdog based at the University of Toronto, analyzed the activist’s iPhone 12 Pro and found evidence that it was hacked starting in February using a so-called “zero-click” attack, since it does not require any user interaction to infect a victim’s device. The zero-click attack took advantage of a previously unknown security vulnerability in Apple’s iMessage, which was exploited to push the Pegasus spyware, developed by Israeli firm NSO Group, to the activist’s phone.

The hack is significant, not least because Citizen Lab researchers said it found evidence that the zero-click attack successfully exploited the latest iPhone software at the time, both iOS 14.4 and later iOS 14.6, which Apple released in May. But the hacks also circumvent a new software security feature built into all versions of iOS 14, dubbed BlastDoor, which is supposed to prevent these kinds of device hacks by filtering malicious data sent over iMessage.

Because of its ability to circumvent BlastDoor, the researchers called this latest exploit ForcedEntry.

A previous zero-click Pegasus attack was used against human rights activists, lawyers, and journalists. Apple subsequently released a security update in iOS 14.7.1, which was widely believed to be a fix for that exploit. Citizen Lab indicates that this attack method is a different one.

Apple had no comment on whether or not 14.7.1 protects against this new Pegasus attack, but instead simply re-sent the same statement it provided last time. This condemns the attacks, states that the risk is low for most customers, and advises that the company continually works to block such exploits. However, cybersecurity experts argue that Apple needs to do more.

Photo: Jonas Leupe/Unsplash

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Ben Lovejoy Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!


Ben Lovejoy's favorite gear