"Lockdown Mode" on Apple’s iPhones was able to thwart hacking attempts from NSO Group, a notorious commercial spyware vendor.
The findings come from Citizen Lab, a watchdog group that’s been tracking NSO’s efforts to deliver spyware to a human rights group in Mexico. Last year, NSO Group deployed a new iOS exploit, dubbed “PwnYourHome,” which can secretly infiltrate a user’s iMessages app and tamper with the HomeKit software.
However, Citizen Lab noticed the attack ran into a wall on iPhones that had activated Lockdown Mode, which arrived in September through iOS 16.
“For a brief period, targets that had enabled iOS 16’s Lockdown Mode feature received real-time warnings when PwnYourHome exploitation was attempted against their devices,” the watchdog group said in the report, which notes NSO Group began delivering the exploit in October.
That’s good news since Apple’s Lockdown Mode was designed to stymie professional spyware vendors from targeting users such as government officials and human rights activists. The optional Lockdown Mode restricts various processes on an iPhone, and while this can disable certain features, it can also prevent hacking attempts from secretly tampering with the OS.
Citizen Lab found that Lockdown Mode was able to detect and block NSO Group’s PwnYourHome exploit by flagging its attempts to access the iPhone’s HomeKit software. “We have seen no recent notifications on Lockdown Mode, nor have we seen any evidence of successful PwnYourHome compromise on Lockdown Mode,” the group added.
Still, the absence of notifications could also mean NSO Group created a workaround to bypass Lockdown Mode, since its spyware is adept at deleting any traces of itself from infected iPhones.
“Given