Apple announces emergency software updates to prevent Pegasus spyware zero-click attack
On Monday, Apple Inc. announced a series of emergency software updates to forestall risks that could enable Israeli company NSO Group spyware Pegasus to infect Apple products. The latest forensic analysis by researchers at Citizen Lab revealed proof that NSO Group’s spyware could corrupt new iPhone models, especially iPhone 12 and iPhone 11, via an iMessage zero-click attack.
As per the New York Times, Apple released series of security updates for all its product lines on Monday. As per senior analyst at Citizen Lab, John Scott-Railton, ” the Pegasus spyware can perform everything an iPhone user does on their gadget, and it’s capable for a lot more.”
The head of Security Engineering and Architecture at Apple, Ivan Krstić, praised Citizen Lab for effectively doing the undeniably challenging work of collecting a sample of this so that we could build a security update to fix it soon.
“Attacks like the ones depicted are profoundly sophisticated and fairly expensive to develop. They often have a service life and are utilized to target explicit people,” Krstić added.
In a statement on Monday, a representative for NSO Group told The Hill that “NSO Group will keep on providing law enforcement and intelligence agencies throughout the globe with latest technologies to help combat terrorism and crime” however, he didn’t remark anything on the Citizen Lab report.
Pegasus is the hacking spyware or software created, licensed to governments worldwide by an Israeli company named NSO Group. The spyware has the capability to corrupt any iOS or Android mobile phone.
The NSO’s spyware ability to attack has grown more advance. Pegasus can infect iPhones by a “zero-click” attack, which doesn’t need any connection from the telephone’s owner to fulfill spying activities. These will regularly take advantage of “zero-day” vulnerabilities, defects or bugs in the cell phone operating system.
As of late, NSO has started taking advantage of weaknesses in Apple’s iMessage software, providing it with a backdoor entry to millions of iPhones user’s mobiles. To forestall such spyware attacks, Apple Inc. is continuing to update all its gadgets. In 2019 WhatsApp disclosed that Pegasus was utilized to send malware to over a thousand cell phones via zero-day vulnerability. The Guardian detailed that just by sending a WhatsApp call to a targets gadget, the Pegasus code could be installed on their device, regardless of whether the person never picks or rejects the call.