New vulnerability in IOS exploited by NSO’s spyware program Pegasus

Shortly after the latest revelations about the Israeli NSO Group’s spy software Pegasus – which has been used to hack iPhones belonging to journalists, activists, politicians and lawyers in various countries – new revelations are now coming.

Citizen Lab at the University of Toronto has discovered a new previously unknown vulnerability that has been used to hack both iOS 14.4 and 14.6 on Iphone, which at the time of hacking had the latest version of the system installed. The newly discovered security flaw also bypasses one of the most important news in iOS 14, reports Tech Crunch.

The function in question is called Blastdoor and involves processing incoming Imessage messages and attachments in so-called sandboxes. The idea is that incorrectly formatted data, something that is often used to circumvent security protection, should only be able to crash the sandbox and not spread to the rest of the system.

The problem is that NSO Group’s developers have found (or paid for the discovery of) a way to break out of that sandbox and then get around other security systems to finally take full control of the system and spy on the user.

Citizen Labs researchers made the discovery when they examined an Iphone belonging to a human rights activist in Bahrain. The phone showed signs of having been hacked several times since February this year.

Apple was informed about the attacks earlier this summer, but it is unknown if this particular vulnerability has been fixed in iOS 14.7.1 which was released recently and is believed to have fixes for the other vulnerabilities that have been exploited in the Pegasus software up to and including iOS 14.6.