Catalan politicians have reportedly been targeted by a new form of mobile security threat that attacks iOS devices.
Citizen Lab cybersecurity researchers have discovered a new zero-click exploit in iMessage, the iPhone’s native messaging app. The new exploit was allegedly used to install Pegasus, known spyware from the dreaded NSO group.
Although the team says they cannot know with absolute certainty, they believe Spaniards were behind the attack, with Catalonia, a region in the northeast of the country, seeking independence from Spain. against the Spanish crown.
NSO Group strikes again
NSO Group is an Israeli tech startup known for selling malware and spyware to governments around the world. He has often been criticized for his role in violating human rights, particularly against politicians, journalists and civil rights activists.
This time, it seems that Pegasus has been installed on terminals belonging to Catalan Members of the European Parliament (MEPs), all Catalan Presidents since 2010, as well as “legislators, jurists, journalists and members of organizations of Catalan civil society and their families”. .
The newly discovered zero-day has been dubbed HOMAGE and is believed to only be found on iPhone devices running iOS 13.2 or earlier.
“Among the Catalan targets, we have not seen any instance of the HOMAGE exploit used against a device running an iOS version higher than 13.1.3. It is possible that the exploit was fixed in iOS 13.2,” said said Citizen Lab.
“We are not aware of any zero-day, zero-click exploits deployed against Catalan targets after iOS 13.1.3 and before iOS 13.5.1.”
Researchers do not know who is behind the attack, but suspect individuals from the Spanish government.
“At this time, Citizen Lab does not conclusively attribute these hacking operations to any particular government, but a series of circumstantial evidence points to a close connection to one or more entities within the Spanish government,” Citizen Lab added.