iPhone Security System Vulnerabilities Revealed Again, Here's The Explanation

Israel-based cyber surveillance company developed a tool to break into iPhones. (photo; doc. unsplash)

JAKARTA - An Israel-based cyber surveillance company developed a tool to break into Apple's iPhone with a never-before-seen technique. But according to internet security watchdog group Citizen Lab, Monday, September 12, this technique has been in use since at least February,

This discovery is important because of the critical nature of the vulnerability, which requires no user interaction and affects all versions of Apple iOS, OSX, and watchOS, except those updated last Monday.

The tool developed by an Israeli company, called the NSO Group, beats the security systems designed by Apple in recent years. Apple said it fixed the vulnerability in Monday's software update, confirming these Citizen Lab findings.

"After identifying the vulnerability used for the iMessage exploit, Apple quickly developed and implemented a fix in iOS 14.8 to protect our users", said Ivan Krstić, Apple's head of Security Engineering and Architecture, in a statement.

"Attacks, as described, are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals", Krstic added.

"While that means they are not a threat to most of our users, we continue to work tirelessly to defend all of our customers, and we are constantly adding new protections for their devices and data".

An Apple spokesperson declined to comment on whether the hacking technique originated with the NSO Group.

In a statement to Reuters, NSO did not confirm or deny that it was behind the technique, only saying that it would "continue to provide intelligence and law enforcement agencies around the world with life-saving technology to combat terror and crime".

Citizen Lab said it found malware on the phone of an unnamed Saudi Arabian activist and that the phone had been infected with the spyware in February. It is not known how many other users may have been infected.

The target in question does not need to click anything for the attack to succeed. Researchers say they don't believe there will be any visible indication that a hack has taken place.

The vulnerability lies in how iMessage automatically creates images. iMessage has been repeatedly targeted by NSO and other cyberweapons dealers, prompting Apple to update its architecture. But that upgrade doesn't fully protect the system.

"Popular chat apps risk being at the bottom of device security. Securing them should be a top priority", said Citizen Lab researcher John Scott-Railton.

The US Cybersecurity and Infrastructure Security Agency did not immediately comment.

Citizen Lab said some details in the malware overlap with previous attacks by NSO, including some that were never publicly reported. One process in the hacking code was named "set framed," the same name given to the 2020 infection on a device used by a journalist at Al Jazeera.

"Device security is increasingly being challenged by attackers", said Citizen Lab researcher Bill Marczak.

A record number of previously unknown attack methods, which could sell for $1 million or more, has been revealed this year. The attack was labeled "zero-day" because the software company had no advance notice of the problem.

Along with a surge in ransomware attacks against critical infrastructure, the explosion of such attacks has sparked a renewed focus on cybersecurity at the White House as well as new calls for regulation and international treaties to control malicious hacking.

The FBI has investigated NSO, and Israel has set up a senior inter-ministerial team to assess allegations that its spyware has been abused on a global scale.

Although NSO has said it is checking the government that sold it, its Pegasus spyware has been found on the phones of activists, journalists, and opposition politicians in countries with poor human rights records.