The attackers used FORCEDENTRY to remotely exploit the target’s device and infect it with the spyware Pegasus. The researchers believe that a client of NSO Group is behind the attack. NSO Group has faced intense public scrutiny for its spyware amid reports of its misuse by NSO’s clients. The exploit has raised concerns over the ease of such attacks, and whether Apple is doing enough to protect its users.
Zero-click Exploit FORCEDENTRY
Researchers at Citizen Lab call the exploit “FORCEDENTRY” as it circumvents Apple’s software security feature “BlastDoor.” Citizen Lab noted its use last month by the Bahrain Government to hack into activists’ devices. FORCEDENTRY is a zero-click exploit, which means it doesn’t require the victim to click on anything. Attacks were not visible to the user. Furthermore, the exploit was previously unknown to Apple, as was the fact that it has been used since February this year. In the current incident, they found traces of the FORCEDENTRY exploit chain on the Saudi Activist’s iPhone. These files contained a “.gif” attachment and were determined to have been sent right before the device was hacked. Citizen Lab sent over these artifacts to Apple, who confirmed that the files included a zero-click exploit. This works by “exploiting an integer overflow vulnerability in Apple’s image rendering library (CoreGraphics),” Citizen Lab reported. The exploit then installed spyware on the device, which Citizen Lab attributes to NSO Group. They were able to link the attack to a 2020 Pegasus hack of 36 Al-Jazeera journalists.
Concerns Over Apple Device Hacks
Apple released a security update on Monday, September 13, for iOS 14.8 and iPadOS 14.8. The company said that it was aware that the vulnerability “may have been actively exploited.” The incident has raised concerns about whether Apple is doing enough to protect its users from such attacks. According to John Scott-Railton, senior researcher at Citizen Lab, popular apps such as iMessage are “currently the royal road for nation-state groups and mercenary hackers to target phones.” “Ubiquitous chat and messaging apps are a serious attack surface. And it’s time for them to get a lot more secure,” he added. Claudio Guarnieri, the head of Security Lab at Amnesty International, called for a change in focus for companies like Apple. “Perhaps next fall, instead of a phone with obnoxious amounts of cameras and pixels, I would welcome a more affordable, accessible, and secure device we could have some confidence in,” he said.