Global Spyware Attacks Spotted Against Both New & Old iPhones
Campaigns that wielded NSO Group's Pegasus against high-risk users over a six-month period demonstrate the growing sophistication and relentless nature of spyware actors.
Coverage examines reported NSO Group-linked spyware incidents, attribution, infrastructure, disruption, and defensive guidance.
Search across headline titles and summaries.
Background for this topic.
NSO Group is a commercial surveillance-technology company best known for Pegasus, spyware reported to compromise mobile devices and collect messages, files, location data, or sensor inputs. Reports have alleged use against journalists, activists, and political figures, but attribution generally concerns customers or operators using the tools rather than NSO Group directly conducting each intrusion. The tag therefore covers reported deployments, vulnerability research, infrastructure, legal or commercial restrictions, and efforts to detect or disrupt the spyware.
For defenders, Pegasus-related incidents matter because mobile compromise may involve highly targeted exploits, including cases requiring little or no user interaction, and may leave limited conventional endpoint evidence. Practical responses include rapid installation of mobile operating-system security updates, restricting unnecessary device exposure, and treating suspected targeting as a forensic incident: preserve the device, collect relevant logs and backups carefully, and obtain specialist analysis rather than immediately resetting it. Organizations should also assess privacy, consent, and legal obligations when handling evidence or protecting people at elevated risk.
Campaigns that wielded NSO Group's Pegasus against high-risk users over a six-month period demonstrate the growing sophistication and relentless nature of spyware actors.
Israeli spyware maker NSO Group deployed at least three novel "zero-click" exploits against iPhones in 2022 to infiltrate defenses erected by Apple and deploy Pegasus, according to the latest findings from Citizen Lab
An investigation concludes that NSO Group was hired in 2022 to deploy Pegasus spyware against human rights workers in Mexico and other targets.
The findings by Jamf suggest the observed attacks are highly targeted