Apple Patches Up Devices In Response To The Exposure Of Yet Another NSO Group Exploit

from the soon-they-will-make-a-board-with-a-nail-so-big-it-will-destroy-them-all dept

Israeli digital arms merchant NSO Group continues to sell its malware to a wide variety of governments. The governments it sells to, which includes a bunch of notorious human rights abusers, continue to use these exploits to target dissidents, activists, journalists, religious leaders, and political opponents. And the manufacturers of the devices exploited by governments to harm people these governments don't like (NSO says "criminals and terrorists," long-term customers say "eh, whoever") continue to patch things up so these exploits no longer work.

The circle of life continues. No sooner had longtime critic/investigator of NSO Group's exploits and activities -- Citizen Lab -- reported the Bahrain government was using "zero click" exploits to intercept communications and take control of targeted devices then a patch has arrived. Apple, whose devices were compromised using an exploit Citizen Lab has dubbed FORCEDENTRY, has responded to the somewhat surprising and altogether disturbing news that NSO has developed yet another exploit that requires no target interaction at all to deploy.

Apple released a patch Monday against two security vulnerabilities, one of which the Israeli surveillance company NSO Group has exploited, according to researchers.

The updated iOS software patches against a zero-click exploit that uses iMessage to launch malicious code, which in turn allows NSO Group clients to infiltrate targets — including the phone of a Saudi activist in March, researchers at Citizen Lab said.

The backdoor being closed involves a pretty clever trick of the trade. Since links require clicks and images don't, the exploit utilizes a tainted gif to crash Apple's image rendering library, which is then used to launch a second exploit that gives NSO customers control of these devices, allowing them to browse internal storage and eavesdrop on communications.

It's not the first time NSO has developed a zero-click exploit that affects iOS devices. It's just the latest exposed by Citizen Lab's incredible investigation efforts. Thanks to Citizen Lab, more Apple device users around the world are better protected against malicious hackers… working for a company that sells exploits to government agencies. And whatever can be nominally exploited for good (the terrorists and criminals NSO continues to claim its customers target, despite an ever-growing mountain of evidence that says otherwise) can be exploited by governments and malicious hackers who don't even have sketchy "national security" justifications to raise in the defense of their actions.

The arms race continues. It appears marketers of exploits will continue to do what they've always done: maintain over-the-air superiority for as long as possible. And while it may seem this is just part of the counterterrorism game, NSO Group's tacit approval of the targeting of dissidents, journalists, and others who have angered local governments (but have never committed any terrorist or criminal acts) shows it's not willing to stop profiting from the misery of people being hunted and harmed by repressive regimes.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: ios, iphone, malware, patches, surveillance
Companies: apple, nso group