Experts have discovered a new zero-click exploit HOMAGE by NSO Group

Citizen Lab analysts have discovered a new HOMAGE zero-click exploit for iMessage, which was used to install NSO Group spyware on iPhones owned by Catalan politicians, journalists and activists.

A previously unknown vulnerability in iOS has been named HOMAGE. It is reported that it affects some versions of iOS older than 13.2 (remember that the current stable version is 15.4).

According to experts, the exploit was used between 2017 and 2020, as part of a campaign that targeted at least 65 people, along with the Kismet exploit developed by the NSO group and the WhatsApp vulnerability, the use of which for the cyberespionage was discovered earlier.

The attacks have targeted Catalan members of the European Parliament, all Catalan presidents since 2010, as well as Catalan legislators, lawyers, journalists, members of public organizations and their families.

For example, one of the members of the Catalan government received a phishing email containing a link to recommendations for what to do in cases of infection with COVID-19. Clicking on the link would have infected the targets’ computers with Candiru’s spyware.


One of the targets, Pau Escrich, received an email impersonating the Mobile World Congress (MWC), with a link to tickets. Had he clicked on the link, his computer would have been infected with Candiru’s spyware. The email content appears to be copied from a legitimate Mobile World Congress email sent to news105@tutanota[.]com, which may be an email address used by the spyware operators.


We have not found a single case of the HOMAGE exploit against devices with iOS versions higher than 13.1.3 among the Catalan victims. The vulnerability may have been fixed in iOS 13.2. We are not aware of any 0-day exploits deployed against Catalan targets running iOS versions 13.1.3 to 13.5.1.analysts of Citizen Lab write.

The researchers handed over all the collected data to Apple so that the company could conduct its own investigation. Let me remind you that we have already said that Apple sues NSO Group for Pegasus spyware. While researchers are slow to pinpoint the exact attribution of the attack, the company’s report states:

Citizen Lab does not currently attribute these hacks to a specific government, however a number of circumstantial evidence points to a clear link to one or more entities within the Spanish government.
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button