NSO Group Spyware Found on Russian Journalist's iPhone: Who Put It There?
Is the Russian government using spyware from Israel’s NSO Group? According to researchers, spyware from the notorious Israeli company has been found on an iPhone belonging to an exiled Russian journalist.
The journalist, Galina Timchenko, runs Meduza, a Russian media outlet that’s been exiled to Europe for its critical coverage of the Putin regime. Watchdog organization Citizen Lab recently examined Timchenko’s iPhone and found evidence that NSO Group’s Pegasus spyware infected the device back in February.
The infection occurred while Timchenko was attending a private meeting in Berlin, Germany, with the heads of other Russian independent media exiled to Europe. “We believe the infection could have lasted from days up to weeks after the initial exploitation,” Citizen Lab said.
The spyware also infected Timchenko's iPhone without any user interaction, making it a “zero-click exploit.” To infect the iPhone, the attack likely leveraged an iOS exploit that Citizen Lab discovered earlier this year called “PwnYourHome,” which Apple has since patched.
Timchenko learned of the spyware infection in June when Apple sent her a notification that warned state-sponsored attackers may have been targeting her iPhone. “This is the first confirmed case of a Pegasus attack against a Russian journalist,” Meduza said in its own report.
The big question is who bought access to NSO Group’s surveillance programs to spy on her device. Citizen Lab was unable to uncover any evidence attributing the NSO client to the attack.
Still, digital rights group Access Now, which helped uncover the spyware on Timchenko’s iPhone, points out suspicion is naturally falling on the Kremlin. This past January, a month before the spyware infection, the
Read more on pcmag.com
