The iPhones of nine Bahraini human rights activists were hacked by the local government with the Pegasus spy program, in attacks that took place between October 2019 and February 2021. 24).
According to the institution linked to the University of Toronto (Canada), the phones were targeted by zero-click attacks, which do not depend on any action taken by the victim. The campaign allegedly took advantage of a vulnerability in iMessage to install spyware from the NSO Group.
In the report, researchers claim that at least one of the cell phones monitored ran the latest version of iOS. In addition, Israeli malware managed to infiltrate the device even with the new BlastDoor feature, which would be able to strengthen the security of the messenger, according to Apple.
Due to the ability to circumvent the new protection tool made available by Apple, the exploitation of the vulnerability was named by Canadian researchers as “ForcedEntry”. They also said they had warned the Cupertino company of the attack as soon as they found evidence of the invasions.
Apple condemns attacks
Sought out by TechCrunch, big tech’s chief of engineering and security architecture, Ivan Krstic, condemned the attacks targeted at people who “seek to make the world a better place”. He also said the company has been investing in new solutions to protect users, but has not confirmed whether the iMessage flaw has been fixed.
Bahrain’s government has denied the charges, saying they are based on “unfounded allegations and wrong conclusions.” The country’s authorities also said they were committed to “safeguarding individual rights and freedoms”.
A similar statement was given by the owner of Pegasus to Forbes, saying that it did not have access to Citizen Lab data. Despite this, the NSO Group commented that it would investigate allegations of misuse of the tool.