New Flaw in Apple Devices Led to Spyware Infection, Researchers Say

Apple iPhone 14 phones sit on display at an Apple Store at The Grove in Los Angeles, Sept. 16, 2022. (AP)
Apple iPhone 14 phones sit on display at an Apple Store at The Grove in Los Angeles, Sept. 16, 2022. (AP)
TT
20

New Flaw in Apple Devices Led to Spyware Infection, Researchers Say

Apple iPhone 14 phones sit on display at an Apple Store at The Grove in Los Angeles, Sept. 16, 2022. (AP)
Apple iPhone 14 phones sit on display at an Apple Store at The Grove in Los Angeles, Sept. 16, 2022. (AP)

Researchers at digital watchdog group Citizen Lab said on Thursday they found spyware they linked to Israeli firm NSO that exploited a newly discovered flaw in Apple devices.

While inspecting the Apple device of an employee of a Washington-based civil society group last week, Citizen Lab said it found the flaw had been used to infect the device with NSO's Pegasus spyware, it said in a statement.

"We attribute the exploit to NSO Group's Pegasus spyware with high confidence, based on forensics we have from the target device," said Bill Marczak, senior researcher at Citizen Lab, which is based at the University of Toronto's Munk School of Global Affairs and Public Policy.

He said the attacker likely made a mistake during the installation which is how Citizen Lab found the spyware.

Citizen Lab said Apple confirmed to them that using the high security feature "Lockdown Mode" available on Apple devices blocks this particular attack.

"This shows that civil society is once again serving as the early warning system about really sophisticated attacks," said John Scott-Railton, senior researcher at Citizen Lab.

Citizen Lab did not provide further details on the affected individual or the organization.

The flaw allowed compromise of iPhones running the latest version of iOS (16.6) without any interaction from the victim, the digital watchdog said. The new update fixes this vulnerability.

Apple issued new updates on its devices after investigating the flaws reported by Citizen Lab. An Apple spokesperson said it had no further comment, while Citizen Lab urged consumers to update their devices.

NSO said in a statement, "We are unable to respond to any allegations that do not include any supporting research."

The Israeli firm has been blacklisted by the US government since 2021 for alleged abuses, including surveillance of government officials and journalists.



Trump Joins Tech and Energy Executives amid AI Push

A car drives past a building of the Digital Reality Data Center in Ashburn, Virginia, US, March 17, 2025. REUTERS/Leah Millis/File Photo
A car drives past a building of the Digital Reality Data Center in Ashburn, Virginia, US, March 17, 2025. REUTERS/Leah Millis/File Photo
TT
20

Trump Joins Tech and Energy Executives amid AI Push

A car drives past a building of the Digital Reality Data Center in Ashburn, Virginia, US, March 17, 2025. REUTERS/Leah Millis/File Photo
A car drives past a building of the Digital Reality Data Center in Ashburn, Virginia, US, March 17, 2025. REUTERS/Leah Millis/File Photo

President Donald Trump will join executives from some of the largest US tech and energy companies for a summit in Pittsburgh on Tuesday as the administration prepares fresh measures to power the US expansion of artificial intelligence.

Top economic rivals US and China are locked in a technological arms race over who can dominate AI as the technology takes on increasing importance everywhere from corporate boardrooms to the battlefield.

The Energy and Innovation Summit at Carnegie Mellon University is expected to bring tech executives and officials from top energy and tech firms including Meta, Microsoft, Alphabet and Exxon Mobil to discuss how to position the US as a leader in AI. Trump will use the summit - put together by US Senator Dave McCormick, a Republican ally from Pennsylvania - to announce some $70 billion in artificial intelligence and energy investments in the state, Reuters reported.

Big Tech is scrambling to secure vast amounts of electricity supplies to power the energy-guzzling data centers needed for its rapid expansion of artificial intelligence. Companies began announcing their plans in early on Tuesday, with Google inking a $3 billion electricity deal and CoreWeave touting a $6 billion AI data center.

Google will invest $25 billion in regional data centers, while FirstEnergy will invest $15 billion in Pennsylvania's energy grid, Semafor reported. The CEOs expected to attend include Khaldoon Al-Mubarak of Mubadala, Rene Haas of Arm, Larry Fink of BlackRock, Darren Woods of ExxonMobil, Brendan Bechtel of Bechtel and Dario Amodei of Anthropic. The White House is considering executive actions in the coming weeks to make it easier for power-generating projects to connect to the grid and also provide federal land on which to build the data centers needed to expand AI technology, Reuters previously reported.

The administration is also weighing streamlining permitting for data centers by creating a nationwide Clean Water Act permit, rather than requiring companies to seek permits on a state-by-state basis.

Mike Sommers, head of the influential American Petroleum Institute, said executive action is welcomed to unlock the energy needed to power the data centers, but a more durable solution is needed.

"Real durable permitting reform requires an act of Congress, not just an executive order," Sommers said in an interview with Reuters. Trump ordered his administration in January to produce an AI Action Plan that would make "America the world capital in artificial intelligence" and reduce regulatory barriers to its rapid expansion.

That report, which includes input from the National Security Council, is due by July 23. The White House is considering making July 23 "AI Action Day" to draw attention to the report and demonstrate its commitment to expanding the industry, Reuters has reported.

US power demand is hitting record highs this year after nearly two decades of stagnation as AI and cloud computing data centers balloon in numbers and size across the country. The demand is also leading to unprecedented deals between the power industry and technology companies, including the attempted restart of the Three Mile Island nuclear power plant in Pennsylvania between Constellation Energy and Microsoft.

The surge has led to concerns about power shortages that threaten to raise electricity bills and increase the risk of blackouts, while slowing Big Tech in its global race against countries like China to dominate artificial intelligence.