Apple Releases Emergency Update After Pegasus Spyware Exploits IPhone Users
JAKARTA - Apple issued an emergency software update for security vulnerabilities in its products recently, after security researchers discovered spyware from Israel's NSO Group to infect the tech giant's devices.
Citing Bloomberg, Monday, September 20, the spyware targets any Apple device including iPhone, iPad, Apple Watch or any Mac computer without many clicks.
Revealed by Citizen Lab, the vulnerability allowed hackers to use the Pegasus NSO malware to gain access to a device owned by an unnamed Saudi Arabian activist. Apple said the vulnerability could be exploited if a user on a vulnerable device received a PDF file containing a malicious virus document.
Citizen Lab discovered that the iPhone of a Saudi Arabian activist had been infected with a sophisticated form of spyware from NSO. Pegasus, uses a new method to infect Apple devices without the victim's knowledge. Known as a clickless remote exploit, it is considered the Holy Grail of surveillance because it allows governments, mercenaries, and criminals to secretly break into someone's device without notifying the victim.
Using a no-click infection method, Pegasus can turn on a user's camera and microphone, recording messages, texts, emails, calls, even those sent via encrypted messaging and phone apps like Signal. Then send it back to NSO clients in governments around the world.
In response, Apple then patched bugs on iPhone, iPad, Mac, and Apple Watch via software updates iOS 14.8, iPadOS 14.8, macOS 11.6 and watchOS 7.6.2. The software release comes a day before Apple's product launch event last week. The company is expected to announce a release date for iOS 15, Apple's next major software update, which will contain additional security protections.
"After identifying the vulnerabilities used by this exploit for iMessage, Apple quickly developed and implemented fixes in iOS 14.8 to protect our users," said head of security engineering and architecture at Apple, Ivan Krstić.
"We would like to commend Citizen Lab for successfully completing the extremely difficult work of obtaining a sample of this exploit so that we were able to quickly develop this fix."
Krstić adds that attacks like these are highly sophisticated, cost millions of dollars to develop, often have a short shelf life and are used to target specific individuals.
“While that means they are not a threat to most of our users, we continue to work tirelessly to defend all of our customers, and we are constantly adding new protections for their devices and data,” said Krstić.
NSO has long been controversial. The company has said that it sells spyware only to governments that meet strict human rights standards and explicitly requires customers to agree to use spyware only to track terrorists or criminals.
Then in December, Citizen Lab reported that NSO spyware was used to target the devices of 36 Al Jazeera employees. Citizen Lab said it believed the hack was carried out on behalf of Saudi Arabia and the United Arab Emirates.
Hacking in 2020 is similar to the one described above in that it doesn't require the victim to click on a malicious link, which means there's no way to defend against hacking.