FORCEDENTRY: NSO Group iMessage Zero-Click Exploit Captured in the Wild

Marczak, Bill; Scott-Railton, John; Abdul Razzak, Bahr; Al-Jizawi, Noura; Anstis, Siena; Berdan, Kristin; Deibert, Ron

FORCEDENTRY: NSO Group iMessage Zero-Click Exploit Captured in the Wild

Files

Report#143--forcedentry.pdf (1.13 MB)

Date

2021-09-13

Authors

Abstract

While analyzing the phone of a Saudi activist infected with NSO Group’s Pegasus spyware, we discovered a zero-day zero-click exploit against iMessage. The exploit, which we call FORCEDENTRY, targets Apple’s image rendering library, and was effective against Apple iOS, MacOS and WatchOS devices.

Keywords

spyware, NSO Group, spyware vendor, Pegasus, Apple, iOS, mobile, zero-day exploit

Citation

Bill Marczak, John Scott-Railton, Bahr Abdul Razzak, Noura Al-Jizawi, Siena Anstis, Kristin Berdan, and Ron Deibert. “FORCEDENTRY: NSO Group iMessage Zero-Click Exploit Captured in the Wild,” Citizen Lab Research Report No. 143, University of Toronto, September 2021.

URI

http://hdl.handle.net/1807/123970

Creative Commons

Attribution-ShareAlike 4.0 International

Creative Commons URI

http://creativecommons.org/licenses/by-sa/4.0/

Collections

Citizen Lab

Full item page

FORCEDENTRY: NSO Group iMessage Zero-Click Exploit Captured in the Wild

Files

Date

Authors

Journal Title

Journal ISSN

Volume Title

Publisher

Abstract

Description

Keywords

Citation

URI

DOI

ISSN

Creative Commons

Creative Commons URI

Collections