Zero-click iMessage Pegasus exploit defeated Apple's iOS 14 security

A new targeted zero-click attack on that defeated both iOS 14.4 and the later release of iOS 14.6 was first spotted in February, according to researchers investigating Pegasus.

The Pegasus hacking tool became prominent in July, after a report discovered the spyware by NSO Group was used to hack iPhones and smartphones owned by a number of human rights activists and journalists. In an update to the affair, it appears that NSO managed to include a new zero-click attack that impacted newer versions of iOS.

The discovery by Citizen Lab, as first reported by TechCrunch involved a Bahraini human rights activist's iPhone 12 Pro, finding evidence of hacks from February. The attack was a zero-click version, in that it didn't require any interaction by the victim to infect the iPhone.

The attack employed a previously-unknown vulnerability in iMessage, which then enabled Pegasus to be installed on the iPhone. It is unclear if it is the exploit previously mentioned in investigations, or a new discovery.

The hack was significant for two elements, with the first being that it successfully exploited the latest iOS release at the time, iOS 14.4, as well as the later update to iOS 14.6 from May. Secondly, the attack defeated a security feature Apple introduced in iOS 14 for mitigating malicious data in iMessage termed "BlastDoor."

Due to defeating BlastDoor, the researchers named the hack as "ForcedEntry."

The researchers informed Apple of the exploit they had discovered, though Apple declined to say to the report if it had discovered and fixed the underlying vulnerability.

An Apple spokesperson said BlastDoor was only part of its efforts to security iMessage, with more defenses included in its upcoming release of iOS 15.

The researchers believe that the Bahraini government was probably behind the attack in some way, along with another eight activists between June 2020 and February 2021.

Following the discovery of the widespread hacking using the tool, which used exploits in various Apple software to install the spyware, NSO Group's actions have been condemned by various parties, including Apple itself.

NSO Group CEO Shalev Hulio insisted in July that law-abiding individuals have "nothing to be afraid of," though this was rebuked by WhatsApp CEO Will Cathcart. The company is currently under investigation by the Israeli government.

For those concerned they may have been affected by the hack, iMazing has developed a tool based on the Mobile Verification Toolkit created by Amnesty International, for detecting evidence of a Pegasus intrusion.