On September 14, 2023, it was revealed that the iPhone of Galina Timchenko, a well-known Russian journalist and government critic, had been compromised with NSO Group's Pegasus spyware. This information comes from a joint investigation conducted by Access Now and the Citizen Lab.
The infiltration is believed to have occurred around February 10, 2023. Timchenko is the editor-in-chief and owner of Meduza, an independent news publication based in Latvia. The source of the malware is currently unknown.
According to The Washington Post, the Russian government is not a customer of NSO Group, as stated by an anonymous individual familiar with the company's activities.
The Citizen Lab stated, "During the infection, her device was located in the GMT+1 time zone, and she reports she was in Berlin, Germany. The day after the infection, she was scheduled to attend a private meeting with other heads of Russia's independent media exiled in Europe to discuss how to deal with the Putin regime's threats and censorship."
The breach was made possible by a zero-click exploit called PWNYOURHOME, which was discovered in April 2023. This exploit combines HomeKit and iOS's iMessage to bypass BlastDoor protections.
Timchenko received a threat notification from Apple on June 23, 2023, warning that her iPhone may have been targeted by state-sponsored attackers. This is the first documented case of Pegasus spyware being placed on a Russian target's phone.
Pegasus, developed by NSO Group based in Israel, is a powerful spy tool that can gather sensitive information from infected devices. It can be remotely installed without the user taking any action, making it a zero-click exploit. Although Pegasus is supposedly licensed to governments and law enforcement agencies to combat serious crime, it has been widely misused to spy on members of civil society.
Upcoming Webinar: Identity is the New Endpoint: Mastering SaaS Security in the Modern Era
Dive deep into the future of SaaS security with Maor Bin, CEO of Adaptive Shield. Discover why identity is the new endpoint. Secure your spot now. Boost your skills.
The Committee to Protect Journalists (CPJ) has emphasized the importance of governments implementing an immediate moratorium on the development, sales, and use of spyware technologies, stating that "journalists and their sources are not free and safe when they are spied on, and this attack on Timchenko underlines the need for governments to impose an immediate moratorium on development, sales and use of spyware technologies."
This news about the spyware infection comes shortly after Apple hurriedly patched two zero-day exploits in iOS that were being used in the wild to distribute Pegasus. Users who face a higher risk of spyware threats are advised to enable Lockdown Mode on their iPhones to mitigate such risks.
HomeKit.Blog is in no way affiliated with or endorsed by Apple Inc. or Apple related subsidiaries.
All images, videos and logos are the copyright of the respective rights holders, and this website does not claim ownership or copyright of the aforementioned.
All information about products mentioned on this site has been collected in good faith. However, the information relating to them, may not be 100% accurate, as we only rely on the information we are able to gather from the companies themselves or the resellers who stock these products, and therefore cannot be held responsible for any inaccuracies arising from the aforementioned sources, or any subsequent changes that are made that we have not been made aware of.
HomeKit.Blog Is A Participant In The Amazon Services LLC Associates Program, An Affiliate Advertising Program Designed To Provide A Means For Sites To Earn Advertising Fees By Advertising And Linking To Amazon Store (Amazon.com, Or Endless.com, MYHABIT.com, SmallParts.com, Or AmazonWireless.com).
The opinions expressed on this website by our contributors do not necessarily represent the views of the website owners.