Apple_iphone_11-rosette-family-lineup-091019_big
The Pegasus spyware from NSO can access a mobile device through "zero-click attacks," which have become increasingly common in recent years. Representation image. Apple

At least three "zero click" attacks on members of civil society's iPhones last year were carried out using spyware from the Israeli NSO Group, a research team stated.

After NSO's software infected the phones of at least two human rights advocates in Mexico in 2022, Citizen Lab published its findings on NSO's global reach on Tuesday, Apr. 18.

The Pegasus spyware from NSO can access a mobile device through "zero-click attacks," which have become increasingly common in recent years.

Those intrusions compromise devices without any action by the user. Messages, chats, phone calls, contacts, and emails can be monitored, Al Jazeera reported.

According to Citizen Lab, the most recent breaches targeted mobile devices running iOS 15 and iOS 16. The Lab informed Apple of its discoveries, and Apple fixed the security holes the spyware was using.

One of the three attacks was successfully thwarted by Apple's Lockdown Mode, according to the study.

Israeli cyber-surveillance company NSO Group is subject to the Ministry of Defense of Israel regulation. The University of Toronto's Citizen Lab has done substantial research on Pegasus.

After looking through the phones of Mexican human rights advocates, Citizen Lab said that it jointly conducted an investigation with the Mexican NGO Red en Defensa de los Derechos Digitales (Digital Rights Defence Network), or RD3, and discovered the zero-click exploits.

"The timing of the infections on their devices corresponds to events of importance to the activities of Centro PRODH and suggests that the Pegasus operator may have been seeking to penetrate and perhaps blunt the impact of Centro PRODH's work relating to human rights violations committed by the Mexican Army," the report said.

A large-scale kidnapping of a number of students in Mexico in 2015 was being investigated by Centro PRODH, a human rights and legal help organization in Mexico.

One infected phone belonged to Centro PRODH's director, Jorge Santiago Aguirre Espinosa. Citizen Lab said his phone had been compromised at least three times since 2016.

Mara Luisa Aguilar Rodrguez, a second member of Centro PRODH, got her phone infected in June when she was advocating for victims of suspected human rights violations by the Mexican military. Mexico has reportedly been "a major NSO customer," according to a Washington Post story.

Between 2011 and 2018, NSO Group signed contracts with Mexican government entities totaling approximately $160 million, according to Reuters.

NSO representatives have repeatedly refuted accusations that they broke any laws by selling spyware to other governments. Pegasus is intended for use only "against criminals and terrorists", the company said.

A spokesman for NSO "declined to say" whether its product was involved in the latest intrusions in Mexico, and he "faulted Citizen Lab for failing to disclose its underlying data", the Post reported.

© 2024 Latin Times. All rights reserved. Do not reproduce without permission.