Undisclosed HomeKit flaw used by Cellebrite to attack Serbian journalists
Undisclosed HomeKit flaw used by Cellebrite to attack Serbian journalists
Share:
Malware. Apple's HomeKit is under scrutiny, as Serbian authorities are suspected of exploiting it to install Pegasus spyware without any user interaction at all. Reported by Amnesty International, at the center of the spyware campaign are two tools — the infamous Pegasus spyware and a locally developed system called NoviSpy. Pegasus, created by Israel's NSO Group, is powerful.
While Serbia's use of spyware tools has gained recent attention, Pegasus has been deployed globally. Governments and organizations worldwide have used it to target journalists, human rights defenders, and opposition leaders. Pegasus, developed by Israel's NSO Group, exploits zero-day vulnerabilities, are flaws unknown to software makers, to infect devices silently. Once installed, it can scrape messages, emails, photos, and media files while also turning the phone into a surveillance tool.
Reportedly, no user interaction, like clicking a link, is required to start the attack. NoviSpy operates similarly but appears locally tailored for Serbia. Unlike Pegasus, which has global reach, NoviSpy has reportedly been installed during physical seizures of devices at police traffic stops or "informational interviews.".
While Cellebrite sells their tools for forensic uses, it can be misused by state actors to unlock phones, bypassing security measures and enabling spyware installation. One journalist, Slavisa Milanov, noticed his phone acting strangely after leaving it at a police station for just a few minutes. The analysis revealed that not only was his phone unlocked using Cellebrite but also that NoviSpy had been installed during that time.
-0-15-screenshot-xl.jpg)