Pegasus Zero-Day iPhone Attack Defeats Apple’s Blastdoor Protections Software

Apple Inc. has been unsettled ever since NSO Group zero-day exploited its most defensive Blastdoor software protecting its iPhones. Just as it sounds, the NSO Group’s surreptitious campaign is considered an act of treason even though the Israeli spyware company’s approach to its services remains classified.

Per Citizen Lab’s discoveries, NSO’s Pegasus spyware infested iPhones at the time when Apple’s smartphones were running on the previous iOS 14.6 software. Apple said Blastdoor Protection was modified when iOS 14.7.1 rolled out. Still, the research Lab questions Apple’s protection systems and the limits of its Blastdoor vulnerabilities since Pegasus spyware also defeated its firewall.

Remember, NSO’s surreptitious Pegasus-related zero-day activities targeted several Journalists, activists, lawyers and Human rights activists, and other significant personnel likely to have vital information that suited its clients.

It’s worth noting that the NSO’s high-end Pegasus spyware is sold exclusively for governments and other law enforcement-related organizations.

A few weeks ago, NSO’s Pegasus spyware got busted for stalking several media houses and their staffs’ work. The twisted fact about the NSO’s zero-day spyware exploiting Apple’s Blastdoor Protection system is an easy story.

When the Israeli surreptitious spyware got busted, Techbooky discovered NSO newly upgraded its Pegasus spyware tools to hack its targets without physical interaction.

One of the victim’s iPhones the Pegasus spyware infiltrated is a Human Rights Activist based in Bahraini. Per Citizen Lab’s research, he recommends he is called a John Doe — NSO’s Pegasus zero-day exploited his iPhone’s default iMessage app via existed vulnerabilities unknown to Apple.

Citizen Lab, the internet watchdog based at the University of Toronto, analyzed the activist’s iPhone 12 Pro and found evidence that it was hacked starting in February using a so-called “zero-day” attack since it does not require any user interaction to infect a victim’s device.

It is evident because the zero-day attack successfully exploited the latest iPhone software at the time, both iOS 14.4 and later iOS 14.6, which Apple released in May. But the hacks also circumvent a new software security feature built into all versions of iOS 14, dubbed BlastDoor, which is supposed to prevent these kinds of device hacks by filtering malicious data sent over iMessage.

Citizen Lab also confirmed the NSO’S zero-day spyware exploited Apple’s iOS 14.7.1 software update. The Lab could not ascertain the extent of Pegasus zero-day vulnerabilities that hacked Apple’s high-end defense systems. Still, Apple is yet to completely evade I+sraeli spyware technology.