Apple issued an urgent update to the security protection settings in its devices, following reports that revealed new spyware believed to belong to the Israeli company NSO. Citizen Lab, an independent cybersecurity watchdog, said last week it had found the malware on the phone of a Saudi opposition activist.
Researchers claim that this software is used by NSO to extract data and remotely control devices.
Citizen Lab said that the Israeli company has developed a tool through which it is possible to hack phones in an unprecedented manner that no one has used before, suggesting that this tool has already begun to be used last February.
The importance of this discovery lies in the nature of the electronic vulnerability caused by this dangerous malware known as “Pegasus”, as it does not need interaction from the phone user in order to be penetrated. This tool can also hack all operating systems developed by Apple, the maker of the iPhone, including iOS, OSX, and watchOS, except for those that are updated on Monday.
The tool, developed by the Israeli company, goes beyond the security systems that Apple has developed in the past few years.
Apple announced that it had already begun fixing the vulnerability in its operating systems, which is believed to have enabled an Israeli company to hack iPhones with the Pegasus malware.
Apple said it fixed the vulnerability in a software update Monday. “After learning about the vulnerability being exploited through the iMessage app, Apple has made a quick fix for iOS 14.8 to protect our users,” said Apple’s chief of cybersecurity design and engineering.
He added: “Attacks such as these are very complex and require millions of dollars to be executed, and often cannot continue penetrating operating systems for a long time, and are used to target specific people.”
He continued, “While these attacks do not pose a threat to the vast majority of our users, Apple continues to work relentlessly to defend all users of its phones and software, and we provide continuous protections for devices and data.”
“We can confirm that the NSO group that develops spyware exploited a vulnerability to penetrate iPhones with its Pegasus malware,” Citizen Lab said.
“Life Saving Technology”
An Apple spokesperson declined to comment on whether the Israeli company NSO was behind the tool that can be used to hack iPhone smartphones produced by the American company.
In a statement sent to Reuters, the Israeli NSO did not confirm whether or not it was behind the loophole, but said: “We will continue to provide intelligence and law enforcement agencies around the world with life-saving technology to fight terrorism and crime.”
Citizen Lab said it had discovered the malware on the phone of a Saudi activist who was attacked with spyware in February, but confirmed that it did not know how many phones might have been affected by those attacks.
Hacking the phone using this software does not require the user to press anything, and researchers also confirmed that there are no visible signs that the phone has been hacked.
The vulnerability used to penetrate Apple phones is found in the iMessage application that automatically displays images, an application that has been exposed several times to targeting from NSO and other companies developing spyware, which prompted Apple to update the operating system of its phones, but it was unable to provide Its full protection.
“Conversational apps are the most significant weakness in the security of any communications device, so their security should be prioritized,” said John Scott Railton, a cybersecurity researcher with the monitoring group Citizen Lab.
The US Cyber Security Agency has not commented on what has been revealed by Citizen Lab so far.
The monitoring group stated that there are many details in common between the hacking method it discovered recently and the hacking operations carried out by NSO before, including previously unreported attacks. The method of handling the hack code, dubbed “Setframed” used in the hack discovered by Citizen Lab, was the same as the way it handled the hack code that was exposed to a phone used by a journalist on Al Jazeera in 2020.
This year saw the unveiling of a record number of cyber attack methods, valued at about $1 million and more. The term “zero-day” is now used to describe this software because it does not give the companies it targets any notification of a cyber attack.
The Pegasus hacking software has become more effective and powerful than it was five years ago when it was discovered by the monitoring group Citizen Lab and the Lookout Foundation, both of which are concerned with cybersecurity.
Pegasus is characterized by the fact that it does not need any interaction from the user in order to work, as it works without the slightest need to click on links, enter any pages or run any electronic applications, which gives it the ability to work silently without any indication on the hacked device that it It was attacked by this software.
Pegasus can also turn a smartphone’s camera into a microphone and collect data on the phone.
Despite asserting that Soo is studying the situation of governments to which it sells spyware, the Pegasus spyware was found on the phones of activists, journalists, and dissidents in countries with a poor human rights record.
The FBI is investigating NSO, and Israel has set up an inter-ministerial committee to investigate allegations the company breached international standards.
An international investigative report published last July said that a large number of governments used Pegasus, which is being developed by the Israeli company NSO, to spy on activists, journalists and politicians.
United Nations experts demanded that sales of surveillance technology be halted until rules are in place to protect human rights from such technologies, after the Israeli spyware scandal was discovered.