Report: Pegasus Spyware Hack Based on Zero-Click iOS 14.6 iMessage Exploit Sold to Governments Worldwide

BY Sanuj Bhatia

Published 19 Jul 2021

pegasus spyware iOS 14

Pegasus Spyware has been making the headlines since Sunday morning. The spyware developed by Israel’s NSO group has been accused of leaking data of thousands of journalists, lawyers, and human rights activists around the world. According to a new report, iPhones running iOS 14.6 have been infected by the Pegasus spyware using the iMessage zero-click vulnerability.

What is Pegasus Spyware?

Pegasus Spyware has been developed by a private company, known as NSO, in Israel. The spyware has been out there for a while and is known to affect both iPhones and Android smartphones. It can leak data of the device, including SMS, emails, phone numbers, call logs, and more without the user knowing about it. In 2019, a report claimed that Pegasus spyware can even leak iCloud data of an iPhone.

The tool, in general, is sold to the governments in order to collect information about counterterrorism and other security-related stuff. However, a report by Amnesty International concluded that the tool has been misused by governments around the world to collect data of journalists and activists.

Amnesty International reported that that the tool has been sold by NSO to the governments in order to target human rights activists, lawyers, and journalists. The leak list contains over 50,000 phone numbers of potential NSO clients who are believed to be recording data of people without them knowing.

However, NSO has denied all the allegations related to the Pegasus project and said that the report is “full of wrong assumptions and uncorroborated theories.”

How are iPhones Running iOS 14.6 Vulnerable to the Pegasus Spyware?

Bill Marczak says that Amnesty International found an iPhone running iOS 14.6 which was hacked using the Pegasus spyware. He claims that the iPhone had been infected using the iMessage zero-click exploit. It was earlier believed that the zero-click iMessage vulnerability had been fixed in the iOS 14.5 update.

He goes onto say that the BlastDoor security feature Apple introduced in iOS 14 isn’t solving the zero-click exploit. BlastDoor takes the content of all new messages and processes them in an isolated environment so that any malicious code hidden in a message cannot harm the device, retrieve user data, or compromise the security of the device. However, it has failed to secure the iPhone of so many journalists and activists.