(Reuters) - An Israel-based cyber-surveillance company developed a tool to break into Apple iPhones using unprecedented technology that has been in use since at least February, the internet security watchdog group Citizen Lab said on Monday.
The discovery is important because of the critical nature of the vulnerability, which does not require any user interaction and affects all versions of Apple's iOS, OSX and watchOS, except those updated on Monday.
The tool, developed by the Israeli company NSO Group, defeats security systems designed by Apple in recent years.
Apple said it addressed the vulnerability in Monday's software update, which confirmed Citizen Lab's findings.
"After identifying the vulnerabilities used by this exploitation for iMessage, Apple quickly developed and implemented a fix in iOS 1
"While that means they are not a threat to the vast majority of our users, we continue to work tirelessly to defend all of our customers, and we are constantly adding new protections for their devices and data," he added.
An Apple spokesperson declined to comment on whether the hacking technology came from the NSO Group.
In a statement to Reuters, NSO did not confirm or deny that it was behind the technology, saying only that it would "continue to provide life-saving intelligence and law enforcement agencies around the world with the fight against terrorism and crime."

"Soft underbelly of device security"

Citizen Lab said it found malicious software on the phone of a named Saudi activist and that the phone had been infected with spyware in February, it is unknown how many other users can
The intended targets do not have to click on anything for the attack to work. Researchers said they did not believe there was any visible indication that a hack had occurred.
iMessage has been repeatedly targeted by NSO and other cyber-arms dealers, prompting Apple to update its architecture, but that upgrade has not fully protected the system.
"Popular chat apps risk becoming the soft bottom of device security. Securing them should be a top priority," said Citizen Lab researcher John Scott-Railton.
The U.S. Cybersecurity and Infrastructure Security Agency had no immediate comment.
Citizen Lab said that several details in the malware overlapped with previous NSO attacks, including some that were never reported publicly. A process within the hack's code was named "setframed", the same name given in a 2020 infection of a device used by a journalist at Al Jazeera, the researchers found.
"Device security is increasingly being challenged by attackers," said Citizen Lab researcher Bill Marczak.
A record number of previously unknown attack methods, which can be sold for $1 million or more, have been revealed this year. The attacks are labeled "zero-day" because software companies had zero days' notice of the problem.
Along with an increase in ransomware attacks on critical infrastructure, the explosion in such attacks has brought a new focus to cyber security in the White House as well as renewed demands for regulation and international agreements to curb malicious hacking.
The FBI has investigated NSO, and Israel has set up a senior interim ministry to assess allegations that its spyware program has been abused on a global scale.
Although NSO has said that it sells to veterinarians, its Pegasus spyware program has been found on the mobile phones of activists, journalists and opposition politicians in countries with poor human rights records.