A new exploit (a program that exploits vulnerabilities) has been discovered by analysts at Citizen Lab, one of the companies that received the most attention to the Pegasus program. Another development by NSO Group uses the zero-click approach when the smartphone owner does not require any action (click) to infect the device. In the case of Pegasus, for example, it’s enough to get a notification on the iPhone that doesn’t even need to be opened.

What did they learn about the program and who did they follow?

• The iMessage exploit targets the HOMAGE vulnerability found in some iOS versions from 13.2 to the current 15.4.
• Researchers found that the attack was aimed at the smartphones of Catalan politicians, journalists and activists.
• In particular, members of the European Parliament, all the presidents of Catalonia since 2010, as well as Catalan legislators, lawyers, journalists, members of public institutions and their families.
• According to experts, the exploit, along with the Kismet exploit and the WhatsApp vulnerability, was used from 2017 to 2020 as part of a campaign targeting at least 65 people.

Currently, Citizen Lab does not attribute these hacking operations to any particular government, but a range of indirect evidence suggests a clear link with one or more organizations in the Spanish government.
– said in a report by a Canadian research laboratory.

Catalonia’s reaction and what history is behind this confrontation?

The regional leader of Catalonia, which has long sought independence from Spain and failed to declare it in the 2017 referendum, has already accused the Spanish government of spying.

This is an unfair shame. Extremely serious attack on fundamental rights and democracy,
Pere Aragones wrote on Twitter.

Interestingly, the viewing dates and attempts to declare independence overlap. It can be assumed that these separatist sentiments in Catalonia prompted the country’s authorities to set up a spy network.

• Mass protests and attempts to secede from Spain have periodically occurred in the region since the late 1800s.
• In 2006, such a demonstration gathered 1.5 million independence supporters.
• Despite some concessions from the country’s authorities, more than 90 percent of the population supported Catalonia’s independence from Spain in 2010, according to unofficial polls.
• In 2012, another protest with the slogan “Catalonia is the new state of Europe” was held, bringing together 1.5 million people, and regional elections brought the pro-independence supporters to power. At the same time, new attempts at secession began: on January 23, 2013, the Parliament proclaimed the Declaration of Sovereignty, and a referendum was planned for 2014. However, it did not happen at the appointed time.
• The next attempt was made in 2017. The referendum was scheduled for October, but the government intervened and a series of measures thwarted their plans. In particular, it blocked 1,300 polling stations out of 2,315 existing sites and 140 sites with information about the referendum.
• Despite this, the people began to gather in the streets of the squares and clashed with the police.
• Another attempt failed.

what now

Information gathered about the new NSOGroup exploit has been forwarded to Apple so it can conduct its own investigation. Previously, similar research by third-party companies allowed developers to patch the vulnerability that was once used by Pegasus.