Bahraini activists targeted by government using Pegasus iPhone hack
What you need to know
- 9 Bahraini activists were reportedly targeted by their government using Pegasus spyware.
- A zero-click iPhone exploit was used to target the group between June 2020 and February 2021.
- At least one activist was in London when they were targeted, but a different government might have been behind this.
A new Citizen Lab report says that nine Bahraini activists had their iPhones successfully hacked by their own government using NSO's Pegasus spyware using a zero-click exploit.
Research released today states:
Worryingly, this exploit appears to be effective against both iOS 14.4 and iOS 14.6 as zero-day exploits, the also seem to bypass a recently-added iOS security feature:
CL says FORCEDENTRY can circumvent BlastDoor. The company confirmed to the group that it was investigating the use of FORCEDENTRY on iOS 14.4 and iOS 14.6 using the crash and phone logs of some of the targets.
CL says activists "included three members of Waad (a secular Bahraini political society), three members of the Bahrain Center for Human Rights, two exiled Bahraini dissidents, and one member of Al Wefaq (a Shiite Bahraini political society)." According to the report two of the hacked activists now live in London, and one was in London at the time their iPhone was breached, however, this may indicate a different government was behind the hit:
Citizen Lab says that five of the hacked devices matched the numbers on a list of potential targets of NSO's Pegasus Spyware customers that came to light earlier this year. From that report:
Citizen Lab says that the government of Bahrain "appears to have purchased NSO Group's Pegasus spyware in 2017." The extensive report details Bahrain's history of state surveillance and censorship, concluding:
NSO Group has previously stated it is not responsible for the actions of its customers, and that it can and will withdraw access to its products if it finds the technology is being misused. Unconfirmed speculation indicates Apple may have patched the exploit used by Pegasus in a recent version of iOS 14.
Get the best of iMore in your inbox, every day!
Stephen Warwick has written about Apple for five years at iMore and previously elsewhere. He covers all of iMore's latest breaking news regarding all of Apple's products and services, both hardware and software. Stephen has interviewed industry experts in a range of fields including finance, litigation, security, and more. He also specializes in curating and reviewing audio hardware and has experience beyond journalism in sound engineering, production, and design.
Before becoming a writer Stephen studied Ancient History at University and also worked at Apple for more than two years. Stephen is also a host on the iMore show, a weekly podcast recorded live that discusses the latest in breaking Apple news, as well as featuring fun trivia about all things Apple. Follow him on Twitter @stephenwarwick9