Apple on Monday issued emergency software updates for a critical vulnerability in its products after security researchers uncovered a flaw that allows highly aggressive spyware. Israel’s NSO Group To infect someone’s iPhone, Apple Watch or Mac computer without a single click.
Following researchers, Apple’s security team has been working round the clock to develop a fix since Tuesday civil laboratory, a cybersecurity monitoring organization at the University of Toronto found that a Saudi worker’s iPhone had been infected with spyware from the NSO group.
Spyware called Pegasus used a novel method to invisibly infect an Apple device without the victim’s knowledge for six months. Known as the “zero click remote exploit”, it is considered the Holy Grail of surveillance because it allows governments, mercenaries and criminals to secretly sneak into a victim’s device.
Using a zero-click transition method, Pegasus can turn on a user’s camera and microphone, record their messages, texts, emails, calls – even encrypted messaging and via phone apps like Signal sent – and can be sent back to NSO’s customers in the surrounding governments. World.
“This spyware can do everything an iPhone user can do on their device and more,” said John Scott-Railton, a senior researcher at Citizen Lab.
In the past, victims only learned that their devices had been infected with spyware after receiving a suspicious link on their phone or email. But NSO Group’s zero-click capability gives no such signal to the victim, and enables full access to a person’s digital life. These capabilities can fetch millions of dollars in the underground market for hacking tools.
An Apple spokesperson confirmed Citizen Lab’s assessment and said the company plans to add spyware barriers to its next iOS 15 software update, which is expected later this year.
NSO Group did not immediately respond to inquiries on Monday.
NSO Group has been in controversy for a long time. The company said it only sells its spyware to governments that meet strict human rights standards. But over the past six years, its Pegasus spyware There have been calls from activists, dissidents, lawyers, doctors, nutritionists and even children In countries like Saudi Arabia, United Arab Emirates and Mexico.
In July, the NSO group became the subject of intense media scrutiny after a consortium of media organizations joined forces with Amnesty International, human rights watchdog, and Forbidden Stories, a group that focuses on free speech. “Pegasus Project” He went on to publish a list that included some 50,000 people, including hundreds of journalists, government leaders, dissidents and activists selected as targets by NSO’s clients.
The union did not disclose how it obtained the list and it was unclear whether the list was aspirational or whether people were actually targeted with NSO spyware.
Among those listed was Azam Ahmed, former bureau chief for the New York Times Mexico City, who has reported extensively on corruption, violence and surveillance in Latin America. Includes on NSO only; and Ben Hubbard, the Times bureau chief in Beirut, which has investigated rights abuses and corruption in Saudi Arabia and recently wrote a Biography Saudi Crown Prince Mohammed bin Salman.
NSO Group co-founder Shalev Hulio vehemently denied the list’s accuracy, telling The Times, “It’s like opening the white pages, picking 50,000 numbers and drawing some conclusions from it.”
NSO’s customers had previously infected their targets using text messages that prompted victims to click on a link. Those links made it possible for journalists to investigate the possible presence of NSO’s spyware. But the new zero-click method makes detecting spyware by journalists and cyber security researchers much harder.
“The commercial spyware industry is going deep,” said Mr Markzak, a researcher at Citizen Lab who helped uncover the exploit over the phone of a Saudi worker.
Mr Scott-Railton urged Apple customers to run their software updates.
“Do you have an Apple product? Update it today,” he said.