A recent joint investigation by Access Now and the Citizen Lab has revealed that the iPhone of Galina Timchenko, a well-known Russian journalist and government opponent, was compromised with NSO Group’s Pegasus spyware.
The compromise reportedly occurred on or about February 10, 2023. Timchenko is the executive editor and owner of Meduza, an independent news outlet headquartered in Latvia.
Who deployed the spyware on the device is currently unknown. According to an unnamed source familiar with NSO Group’s operations, cited by The Washington Post, the Russian government is not a client of the company.
According to the Citizen Lab, Timchenko’s device was located in the GMT+1 timezone at the time of the infection, and she says she was in Berlin, Germany. On the day after the infection, she was scheduled to attend a closed-door meeting with other leaders of Russian independent media who had been forced into exile in Europe. The purpose of the meeting was to discuss how to respond to the challenges posed by President Putin’s administration, particularly threats and censorship.
The compromise was carried out with a zero-click exploit known as PWNYOURHOME, which was discovered in April 2023. The exploit uses iOS’ HomeKit and iMessage functionality to bypass the BlastDoor protections.
These findings followed a threat notification that Timchenko received from Apple on June 23, 2023, warning that her iPhone may have been targeted by state-sponsored attackers.
This is the first documented case in which Pegasus has been covertly installed on the mobile device of a Russian individual. Pegasus, an advanced surveillance tool developed by the Israel-based NSO Group, is highly capable of extracting confidential data from compromised mobile devices.
The spyware can be installed on a mobile device remotely without requiring the victim to take any action, such as clicking on a link. This method is known as a zero-click exploit. Although Pegasus is officially authorized for use by governments and law enforcement agencies to combat serious crime, it has frequently been abused to covertly monitor members of civil society.
According to the Committee to Protect Journalists (CPJ), the surveillance of journalists and their sources undermines their freedom and safety. The targeting of Timchenko serves as a reminder that governments should promptly enforce a moratorium on the development, distribution, and use of spyware technologies.
The disclosure of the spyware infection comes just after Apple rushed out patches for two previously unknown vulnerabilities in iOS, which have been actively exploited to deliver the Pegasus spyware. Individuals at higher risk of spyware attacks are advised to enable Lockdown Mode on their iPhones as a preventive measure.
About The Author:
Yogesh Naager is a content marketer who specializes in the cybersecurity and B2B space. Besides writing for the News4Hackers blog, he has also written for brands including CollegeDunia, Utsav Fashion, and NASSCOM. Naager entered the field of content in an unusual way. He began his career as an insurance sales executive, where he developed an interest in simplifying difficult concepts. He combines this interest with a love of narrative, which makes him a good writer in the cybersecurity field. He also frequently writes for Craw Security.