iOS 16.6.1 Released With Security Fixes; Vulnerability Used to Infect iPhone with Pegasus Spyware: Researchers

Researchers at digital watchdog group Citizen Lab said on Thursday they found spyware they linked to Israeli firm NSO that exploited a newly discovered flaw in Apple devices. While inspecting the Apple device of an employee of a Washington-based civil society group last week, Citizen Lab said it found the flaw had been used to infect the device with NSO’s Pegasus spyware, it said in a statement.

“This shows that civil society is once again serving as the early warning system about really sophisticated attacks,” said John Scott-Railton, senior researcher at Citizen Lab, which is based at the University of Toronto’s Munk School of Global Affairs and Public Policy.

Citizen Lab did not provide further details on the affected individual or the organization.

The flaw allowed the compromise of iPhones running the latest version of iOS (16.6) without any interaction from the victim, the digital watchdog said.

Apple issued new updates on its devices after investigating the flaws reported by Citizen Lab. An Apple spokesperson said it had no further comment, while Citizen Lab urged consumers to update their devices.

An NSO spokesperson said it did not have any immediate comment on the Citizen Lab research.

The Israeli firm has been blacklisted by the US government since 2021 for alleged abuses, including surveillance of government officials and journalists. 

© Thomson Reuters 2023