iPhone
(Photo : Unsplash/Priscilla Du Preez) iPhone

Weeks after Apple sued NSO Group to stop it from targeting their customers, investigators confirmed that a Jordanian journalist and human rights defender's iPhone was hacked using the NSO Group's spyware, Pegasus.

Pegasus Hacked Journalist's iPhone

The award-winning journalist Suhair Jaradat's iPhone was hacked with spyware as recently as December 2021, according to the analysis of her iPhone by Front Line Defenders and Citizen Lab that was shared with TechCrunch.

Jaradat was sent a WhatsApp message from a user impersonating a popular anti-government critic with links to the Pegasus spyware, compromising her device.

According to forensic analysis, Jaradat's iPhone was hacked numerous times in the preceding months and as far back as February 2021.

Also Read: Lawmakers Call For More Transparency For Apple Regarding NSO Group's Pegasus Spyware; Question FBI as Well

Apple had filed a lawsuit against NSO Group in 2021, seeking a court-issued injunction aimed at banning NSP from using the tech company's products and services to create and deploy hacks against its customers.

If the injunction is granted, it will make it more difficult for NSO Group to deploy the Pegasus spyware because its capabilities rely on abusing Apple's services, like iMessage, to create Apple user accounts for delivering the spyware.

So far, the case has gotten off to a very slow start after the first judge assigned to the case recused herself. The decision is expected to be revealed in June.

The Pegasus spyware gives the government customers near-complete access to a target's device, including their photos, personal data, messages, and location.

Several victims have received text messages with malicious links, but Pegasus has recently been able to silently hack iPhones without any interaction from the user, also called "zero-click" attacks.

In 2021, Apple bolstered iPhone security by launching BlastDoor, a new security feature designed to filter out malicious payloads sent over iMessage that could compromise a device.

However, NSO Group was found to have circumvented the security measure with a new exploit, which researchers named ForcedEntry for its ability to break through the protections of BlastDoor.

Apple fixed BlastDoor in September after the NSO exploit was found to affect Macs, iPads, and Apple Watches, not just iPhones, according to 9to5Mac.

Targeting of Journalists

Jaradat is just one of the many Jordanians, including lawyers, human rights defenders, and fellow journalists, whose iPhones were compromised likely by agencies of the Jordanian government, according to the Irish Times. 

The other victims include Malik Abu Orabi, a human rights lawyer whose work has included defending the teachers' union, which led to the longest public sector strike in Jordan in 2019.

Abu Orabi's iPhone was targeted from August 2019 until June 2021. Also, the iPhone of Ahmed Al-Neimat, a human rights defender and anti-corruption activist, was targeted by the ForcedEntry exploit in February 2021.

The researchers said that the hacking of Al-Neimat's iPhone is believed to be the earliest suspected use of ForcedEntry. Another journalist from Jordan, known as a human rights defender, was also targeted, but the researchers did not reveal his identity.

Aside from Apple's lawsuit, NSO Group is also in a legal battle with Facebook for using a then-unknown vulnerability in WhatsApp to hack into some 1,400 iPhones belonging to members of civil society.

In 2021, a US appeals court rejected NSO Group's claim that it was entitled to the protection of a foreign sovereign, in this case, Israel.

In November 2021, NSO Group's Pegasus spyware was blacklisted in the US.

In Jan., the FBI allegedly bought the Pegasus spyware.

Related Article: WhatsApp: NSO Group's Pegasus Spyware Attacks US Allies, Current Findings Coincides 2019 Incident

This article is owned by Tech Times

Written by Sophie Webster

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion