Citizen Lab, an internet security watchdog group, said on Monday that an Israeli cyber surveillance firm built a tool to hack into Apple (AAPL.O) iPhones using a never-before-seen technique that has been in use since at least February
The discovery is significant since the vulnerability is crucial, requiring no user involvement and affecting all versions of Apple’s iOS, OSX, and watchOS, except those updated on Monday. The programme developed by NSO Group, an Israeli company, overcomes security mechanisms created by Apple in recent years.
Apple confirmed Citizen Lab’s findings by stating that the issue was fixed in Monday’s software update.
Also read : IPhone 12 Series Gets A Huge Discount In Flipkart Owing To IPhone 13 Release
In a statement, Ivan Krsti, head of Apple Security Engineering and Architecture, said, “After detecting the vulnerability utilised by this attack for iMessage, Apple quickly created and published a fix in iOS 14.8 to safeguard our users.” “Attacks like the ones described are very complex, cost millions of dollars to develop, have a short shelf life, and are used to target specific persons,” says the author.
“While this means they pose no harm to the vast majority of our users,” he continued, “we continue to work hard to secure all of our customers, and we are continually implementing additional security for their devices and data.”
IPhone software flaw
Apple refuses to comment on whether the hacking technique was developed by NSO Group.
NSO would not confirm or deny that it was behind the technique in a statement to Reuters, stating simply that it would “continue to deliver life-saving technologies to intelligence and law enforcement organisations around the world to fight extremism and crime.”
The malware was discovered on the phone of an unknown Saudi activist, according to Citizen Lab, and the phone had been infected with spyware in February. It’s unclear how many more people have been afflicted. For the attack to work, the intended targets would not have to click on anything. Researchers stated that they did not expect there would be any obvious evidence of a breach.
Also read : Unknown Reality Of Drone Swarms: An Oozing Out The Theory
The flaw is in the way iMessage renders photos automatically. NSO and other cyber arms dealers have frequently targeted IMessage, pushing Apple to change its design. However, the system has not been entirely safeguarded as a result of the upgrade.
The rise in ransomware attacks on key infrastructure has sparked a renewed focus on cybersecurity in the White House, as well as renewed calls for regulation and international agreements to combat malicious hacking.
NSO is being investigated by the FBI, and Israel has formed a senior inter-ministerial team to investigate claims that its spyware has been misused on a global scale.
Even though NSO claims to vet the governments to whom it sells, its Pegasus spyware has been discovered on the phones of activists, journalists, and opposition politicians in nations with a bad human rights record.
Also read : What Is This Pegasus? Why Are Big Giants Worried About It?
Follow us on Twitter, Telegram and Instagram