Hostile Pegasus Code Found in an iPhone, Apple Offers Fix in New Software Update

The technique used to gain secret access to Apple devices through iMessages is called a 'zero-click attack'.

The Quint

In 2019, Pegasus spyware used a missed WhatsApp video call to attack mobile phones. In 2021, it used iMessage to inject malware into users' mobile phones, say cyber experts.

(Photo: Shruti Mathur/The Quint)


After spyware researchers at Citizen Lab discovered malicious code used to attack iPhones through iMessage, United States (US) tech giant Apple offered a fix on Monday, 13 September, to protect its users from the Pegasus exploit, a report by The Washington Post said.

A consortium of over 15 news organisations around the world had published an investigative report about Israel-based NSO Group's spyware Pegasus and were able to identify the owners of over 1,571 numbers, spread across at least 10 countries, that might have been targets of surveillance.

The list of numbers provided by France-based media non-profit, Forbidden Stories, and Amnesty International included names of journalists, human rights activists as well as opposition government leaders around the world.

As per the Washington Post report, this is the first time hostile code used in a Pegasus hack has surfaced since 2019.

The hack was discovered on an iPhone owned by a Saudi activist; however, the researchers have declined to name them. Further, Citizen Lab did not reveal which probable NSO governmental client deployed Pegasus against the activist.

FORCEDENTRY: A No Click Attack

According to researchers, the technique used to gain secret access to Apple iPhones, MacBooks and Apple Watches has been active since February and is called a “zero-click attack”.

Termed FORCEDENTRY, the 'zero-click' exploit reportedly allows the spyware to install itself on a device without the user doing anything.

By infiltrating through iMessage, FORCEDENTRY can transform the phone into a snooping device, activating cameras, microphones, and giving the client access to the location data, messages, call logs, and even emails of the targeted person.

The discovery has re-asserted the vulnerability of messaging platforms in the face of surveillance methods, The Washington Post noted.

However, speaking of the discovery, Citizen Lab researcher John Scott-Railton reportedly stated, “We wouldn’t have discovered this exploit if NSO’s tool wasn’t used against somebody they shouldn’t be targeting.”

What Apple Has Said

In a document on the security content of iOS 14.8, Apple said, “Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.”

Head of Apple security engineering and architecture Ivan Krstić thanked Citizen Lab in an email, and lauded them for “successfully completing the very difficult work of obtaining a sample of this exploit so we could develop this fix quickly.”

The email added, “Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals. While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data.”

(With inputs from The Washington Post.)
