Experts have discovered a new zero-click exploit HOMAGE by NSO Group

Citizen Lab analysts have discovered a new HOMAGE zero-click exploit for iMessage, which was used to install NSO Group spyware on iPhones owned by Catalan politicians, journalists and activists.

According to experts, the exploit was used between 2017 and 2020, as part of a campaign that targeted at least 65 people, along with the Kismet exploit developed by the NSO group and the WhatsApp vulnerability, the use of which for the cyberespionage was discovered earlier.

The attacks have targeted Catalan members of the European Parliament, all Catalan presidents since 2010, as well as Catalan legislators, lawyers, journalists, members of public organizations and their families.

For example, one of the members of the Catalan government received a phishing email containing a link to recommendations for what to do in cases of infection with COVID-19. Clicking on the link would have infected the targets’ computers with Candiru’s spyware.

One of the targets, Pau Escrich, received an email impersonating the Mobile World Congress (MWC), with a link to tickets. Had he clicked on the link, his computer would have been infected with Candiru’s spyware. The email content appears to be copied from a legitimate Mobile World Congress email sent to news105@tutanota[.]com, which may be an email address used by the spyware operators.

The researchers handed over all the collected data to Apple so that the company could conduct its own investigation. Let me remind you that we have already said that Apple sues NSO Group for Pegasus spyware. While researchers are slow to pinpoint the exact attribution of the attack, the company’s report states: