iVerify Discovers Anomalous Signals on 7 iPhones
In a recent finding, security firm iVerify revealed that several individuals, including a leader of a prominent company, had their iPhones targeted with the Pegasus spyware. While journalists, human rights defenders, lawmakers, and political officials are often subject to state surveillance, reports of business leaders being compromised by spyware are rare but not unheard of.
Commercial Espionage: A Growing Concern
The findings come as a warning that spyware typically used by governments for crime prevention and terrorism can also be misused for commercial espionage. iVerify chief executive Rocky Cole declined to name the targeted individual, stating only that the business leader was "completely surprised" by the attempt to compromise their phone.
NSO Group’s Response
When contacted by TechCrunch, NSO Group spokesperson Gil Lainer stated that Pegasus is "sold exclusively to vetted U.S. & Israel-allied intelligence and law enforcement agencies." However, he declined to comment on whether the spyware was used to target private industry executives.
iVerify’s Detection Methodology
iVerify offers an eponymous app that scans mobile devices for signs of malware. The security firm detected evidence of compromise on seven iPhones, some of which were running newer versions of iOS 16.6 in late 2023 at the time of detection. Cole stated that the number of newly identified infections is not representative of the general population, given that its app users are more likely to be at higher risk of state-backed targeting.
The iVerify App: A Unique Approach
iVerify’s app analyzes other telemetry data within Apple’s privacy constraints, such as on-device diagnostic logs, to help determine if a device might be compromised. The company’s chief executive stated that the app allows for the detection of spyware "at scale."
Government Hackers Reusing Spyware Exploits
Security researchers note that the proliferation of commercial spyware has led to its misuse by government actors. Cole pointed out that if Salt Typhoon, a China-backed hacking group, is linked to the targeting of these phones, it could be an example of the reuse of commercial capabilities.
Related Topics
- Apple
- Cybersecurity
- iPhones
- iVerify
- NSO Group
- Pegasus
- Security
- Spyware
- US Government
About the Author
Zack Whittaker is the security editor at TechCrunch. You can send tips securely via Signal and WhatsApp to +1 646-755-8849 or reach him by email at zack.whittaker@techcrunch.com.
Stay Up-to-Date with the Latest Security News
Subscribe to TechCrunch’s newsletters, including:
- TechCrunch Daily News
- TechCrunch AI
- TechCrunch Space
- Startups Weekly
