Catalan politicians have reportedly been targeted by a new form of mobile security threat targeting iOS devices.
Cybersecurity researchers at Citizen Lab have discovered a new zero-click exploit in iMessage, the iPhone's native messaging app. The new exploit was reportedly used to install Pegasus, a known spyware from the feared NSO Group.
Although the team says they can't know for sure, they believe the Spanish were behind the attack, with Catalonia, a region in the northeast of the country, seeking independence from Spain against the Spanish crown.
NSO group strikes again
NSO Group is an Israeli tech startup known for selling malware and spyware to governments around the world. He has often been criticized for his role in violating human rights, particularly against politicians, journalists and civil rights activists.
On this occasion, it seems that Pegasus has been installed in the terminals of the Catalan MEPs, all the Catalan presidents since 2010, as well as "legislators, jurists, journalists and members of Catalan civil society organizations and their families". . ". .
The newly discovered zero-day has been dubbed HOMAGE and is believed to only be found on iPhone devices running iOS 13.2 or earlier.
"Among the Catalan targets, we have not seen any instances of the HOMAGE exploit used against a device running an iOS version higher than 13.1.3. It is possible that the exploit will be fixed in iOS 13.2," Citizen Lab said.
"We are not aware of any zero-day, zero-click exploits deployed against Catalan targets after iOS 13.1.3 and before iOS 13.5.1."
Investigators do not know who is behind the attack, but suspect people from the Spanish government.
"At this time, Citizen Lab does not conclusively attribute these hacking operations to any particular government, but a range of circumstantial evidence points to a close connection to one or more entities within the Spanish government," Citizen Lab added.
Via: BleepingComputer