Apple Fixes Zero-Day Bugs Used to Plant Pegasus Spyware on Devices

On Thursday, Apple released security updates that patch two zero-day exploits, meaning hacking techniques that were unknown at the time Apple found out about them. These vulnerabilities were used against a member of a civil society organization in Washington, D.C., according to the researchers who found the vulnerabilities.

Citizen Lab’s Investigation

The Citizen Lab, an internet watchdog group that investigates government malware, published a short blog post explaining their findings. Last week, they discovered a zero-click vulnerability, meaning that the hackers’ target didn’t have to tap or click anything, such as an attachment, to be targeted with malware.

The Exploit Chain

According to Citizen Lab, the exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any interaction from the victim. The researchers reported that the vulnerability was used as part of an exploit chain designed to deliver NSO Group’s malware, known as Pegasus.

Apple’s Response

Once Citizen Lab found the vulnerability, they reported it to Apple, which released a patch on Thursday. Apple thanked Citizen Lab for reporting the vulnerability and attributed the finding of the second vulnerability to their own investigation.

When reached for comment, Apple spokesperson Scott Radcliffe did not comment and referred TechCrunch to the notes in the security update.

Citizen Lab’s Recommendations

Citizen Lab recommended that all iPhone users update their phones. John Scott-Railton, a senior researcher at Citizen Lab, wrote on Twitter:

"Once more, civil society, is serving as the cybersecurity early warning system for… billions of devices around the world."

Scott-Railton also stated that he and his colleagues, as well as Apple’s Security Engineering and Architecture team, believe that Lockdown Mode, an opt-in mode that enhances some security features and blocks others to reduce the risk of targeted attacks, would have blocked the exploits found in this case.

NSO Group’s Response

NSO did not immediately respond to a request for comment.

Update on Lockdown Mode

On Friday, September 8, Apple’s high-security mode was updated to block NSO spyware, according to researchers. This update adds an additional layer of protection against targeted attacks, and it is recommended that users enable Lockdown Mode if they are concerned about their security.

Conclusion

The recent security updates from Apple demonstrate the importance of keeping software up-to-date to prevent vulnerabilities. Citizen Lab’s investigation highlights the role of civil society in identifying and reporting cybersecurity threats. As more people become aware of these issues, it is essential that we work together to protect our devices and personal data.

Recommendations

  • Update your iPhone to the latest version of iOS, which includes Thursday's patches, as soon as possible (iOS 16.6 is the version the exploit chain was able to compromise).
  • Enable Lockdown Mode if you are concerned about your security.
  • Stay informed about cybersecurity threats and updates from Apple and other organizations.

By following these recommendations, we can all do our part in protecting ourselves and others from cyber attacks.