Apple releases software patch for flaw linked to Pegasus spyware

By Team Newsable  |  First Published Sep 14, 2021, 1:33 PM IST

The Israeli business NSO Group's Pegasus software has come under fire after an international media investigation alleged it was used to eavesdrop on the phones of human rights campaigners, journalists, and even leaders of the state.


Apple issued a patch on Monday for a flaw that allows the spyware at the centre of the Pegasus controversy to infect devices without consumers having to click on a malicious message or link. The Israeli business NSO Group's Pegasus software has come under fire after an international media investigation alleged it was used to eavesdrop on the phones of human rights campaigners, journalists, and even leaders of the state.

The issue was discovered by researchers at Citizen Lab, a Canadian cybersecurity watchdog organisation while studying a Saudi activist's phone that had been hacked with the malware.
"We discovered that the mercenary spyware business NSO Group used the vulnerability to remotely attack and infect the most recent Apple devices with the Pegasus malware," Citizen Lab stated in a blog post.

Tap to resize

Latest Videos

Tap to resize

 

We determined that the mercenary spyware company NSO Group used the vulnerability to remotely exploit and infect the latest Apple devices with the Pegasus spyware. We believe that FORCEDENTRY has been in use since at least February 2021.

— Citizen Lab (@citizenlab)

Citizen Lab analysed the activist's phone in March and discovered that it had been infected with Pegasus spyware introduced over iMessage texting and that it didn't even need the phone's owner to click.

Also Read | Apple Event 2021: From iPhone 13 to AirPods 3; Here's everything about today's event

Apple claimed it "rapidly" produced the upgrade following Citizen Lab's discovery of the vulnerability hours after issuing the patch. "Attacks like the ones mentioned are very complex, cost millions of dollars to create, frequently have a short shelf life, and are used to target specific persons," according to the firm. NSO did not deny that Pegasus was the catalyst for the urgent software upgrade and stated that it will "continue to offer intelligence and law enforcement organisations throughout the world with life-saving technology to fight terror and crime."

click me!