Apple claims it blocked a load of new NSO spyware
Lockdown Mode has actually prevented a spyware attack in the wild
Apple's recently released Lockdown Mode privacy tool has apparently being working well in real world scenarios, with the company revealing it recently stopped a major threat against vulnerable targets.
Useful for iPhone users who are high-level targets, such as journalists and human rights activists, Apple's Lockdown Mode has been found by researchers to have helped block attacks from the notorious Israeli cyber-intelligence firm, the NSO Group, using its Pegasus spyware.
The Citizen Lab, based at the University of Toronto, yesterday published its report where it analyzed three zero-day exploits - i.e. ones that Apple were unaware of - affecting iOS 15 and 16 systems that were used by the NSO Group to target Mexican human rights campaigners, among potential others.
Last line of defense
Thankfully, however, Lockdown Mode came to the rescue, blocking one of the exploits used, according to the researchers, becoming the first documented case of the feature preventing an attack.
Revelaed in July 2022, Lockdown Mode works by reducing the amount of exposed system code to an attack. The researchers also said that when the targets' phones blocked the attack, they received a notification saying that Lockdown Mode had prevented unauthorized access to the Home app.
The researchers noted, however, that it may be quite easy for hackers to determine who has and who hasn't got Lockdown Mode turned on, thus helping them to launch more successful attacks. Despite this, they were still buoyed by the fact that the feature worked.
“The fact that Lockdown Mode seems to have thwarted, and even notified targets of a real-world zero-click attack shows that it is a powerful mitigation, and is a cause for great optimism," Bill Marczak, a senior researcher at Citizen Lab, told TechCrunch.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Marczak did add a further caution, however, noting: “As with any optional feature, the devil is always in the details. How many people will opt to turn on Lockdown Mode? Will attackers simply move away from exploiting Apple apps and target third-party apps, which are harder for Lockdown Mode to secure?”
Apple spokesperson Scott Radcliffe said in a statement: “We are pleased to see that Lockdown Mode disrupted this sophisticated attack and alerted users immediately, even before the specific threat was known to Apple and security researchers. Our security teams around the world will continue to work tirelessly to advance Lockdown Mode and strengthen the security and privacy protections in iOS.”
On the other side, in a statement from the NSO Group, spokesperson Liron Bruck said: “Citizen Lab has repeatedly produced reports that are unable to determine the technology in use and they refuse to share their underlying data. NSO adheres to strict regulation and its technology is used by its governmental customers to fight terror and crime around the world.”
- Here is the best firewall to keep you safe
Lewis Maddison is a Reviews Writer for TechRadar. He previously worked as a Staff Writer for our business section, TechRadar Pro, where he had experience with productivity-enhancing hardware, ranging from keyboards to standing desks. His area of expertise lies in computer peripherals and audio hardware, having spent over a decade exploring the murky depths of both PC building and music production. He also revels in picking up on the finest details and niggles that ultimately make a big difference to the user experience.