While journalists, human rights defenders, lawmakers, and political officials are frequent targets of state surveillance, reports of spyware compromising the phones of business leaders are rare but not unheard of. A recent finding by security firm iVerify suggests that a leader of a well-known company was among several individuals whose iPhones were targeted with the Pegasus spyware.
The Findings
In a call with TechCrunch this week, iVerify chief executive Rocky Cole declined to name who was targeted but stated that the business leader was "completely surprised" by the attempt to compromise their phone. The security firm analyzed telemetry data from 2,500 users who opted to scan their devices for possible traces of spyware and detected evidence of compromise on seven iPhones.
The Targeted Devices
At the time of detection in late 2023, the affected devices were running newer versions of iOS 16.6, which suggests that some of the targeted phones may not have been patched with the latest software update when they were compromised. This could have left the devices exposed to older exploits.
iVerify’s Detection Method
iVerify’s app is designed to look for potentially anomalous signals deep inside the iPhone and iPad operating systems that can be caused by the side effects of malware infections. Since Apple tightly controls the software on iPhones and iPads, iVerify analyzes other telemetry data within those privacy constraints, such as on-device diagnostic logs, to help determine if the device might be compromised.
Government Hackers Reusing Spyware Exploits
Cole stated that government-backed hackers from countries like China, Iran, and Russia are reusing spyware exploits, making it harder to contain the misuse of these tools. iVerify is also investigating whether Salt Typhoon, a China-backed hacking group linked to ongoing intrusions at several U.S. and international phone and internet giants, may have used its access to telecom networks to identify and target individuals with phone spyware.
The Reuse of Commercial Capabilities
Cole said that if Salt Typhoon is linked to the targeting of these phones, the attempted intrusions "very well could be the reuse of commercial capabilities." This raises questions about the extent to which government-backed hackers are leveraging commercial tools for their operations.
NSO Post-Publish Comment
In response to iVerify’s findings, NSO Group stated that they take allegations of misuse seriously and have a robust process in place to investigate such claims. However, this has done little to address the concerns raised by iVerify and other security experts about the potential for commercial spyware to be misused.
The Implications
The fact that business leaders are being targeted with Pegasus spyware raises questions about the vulnerability of high-profile individuals to state-sponsored hacking. This highlights the need for greater awareness and education among business leaders and their teams about the risks associated with commercial spyware and the importance of implementing robust security measures.
Conclusion
While confirmed spyware attacks against business leaders are seldom made public, iVerify’s findings suggest that this is a growing concern. The reuse of commercial capabilities by government-backed hackers raises questions about the extent to which these tools are being misused. As the use of commercial spyware continues to rise, it is essential for businesses and governments to work together to address the risks associated with these tools.