Google’s Project Zero bug-hunting group analyzed ForcedEntry using a sample provided by researchers at the University of Toronto’s Citizen Lab, which published extensively this year about targeted attacks utilizing the exploit. Researchers from Amnesty International also conducted important research about the hacking tool this year. The exploit mounts a zero-click, or interactionless, attack, meaning that victims don’t need to click a link or grant a permission for the hack to move forward. Project Zero found that ForcedEntry used a series of shrewd tactics to target Apple’s iMessage platform, bypass protections the company added in recent years to make such attacks more difficult, and adroitly take over devices to install NSO’s flagship spyware implant Pegasus.
Apple released a series of patches in September and October that mitigate the ForcedEntry attack and harden iMessage against future, similar attacks. But the Project Zero researchers write in their analysis that ForcedEntry is still “one of the most technically sophisticated exploits we’ve ever seen.” NSO Group has achieved a level of innovation and refinement, they say, that is generally assumed to be reserved for a small cadre of nation-state hackers.
Read 8 remaining paragraphs | Comments