Apple releases emergency security update to fix spyware vulnerabilities

Apple releases emergency security update to fix spyware vulnerabilities

Since at least march , Apple product including iPhone may have been infected with spyware

After security researchers discovered a critical vulnerability in Apple’s products, Apple released an emergency software update on Monday that allows Israel’s NSO Group’s highly invasive spyware to infect anyone’s iPhone and iWatch without a click. Or Mac computer. After researchers from the Citizen Lab, a cyber 

security monitoring organization at the University of Toronto, discovered that the iPhone of a Saudi activist was infected with spyware from the NSO Group, Apple’s security team has been working day and night

 to develop repairs since last Tuesday. program. This spyware, called Pegasus, uses a new method to silently infect Apple devices without the victim’s knowledge, even for six months. It is called "zero-click remote 

vulnerability exploitation" and is regarded as the highest state of surveillance because it allows governments, mercenaries, and criminals to secretly hack into their devices without the victims getting any prompts. Using the zero-click infection method, Pegasus can turn on the user’s camera and microphone, record

 their messages, text messages, emails, phone calls (even sent through encrypted messages and mobile apps 
like Signal), and send them back NSO's government clients in countries around the world

This spyware can do everything iPhone users do on their devices, and more," said John Scott-Railton, a senior researcher at Citizen Lab, who worked with Citizen Lab Senior researcher Bill Marczak (Bill Marczak) collaborated on the study of the discovery. In the past, victims only knew that their device was infected with spyware after 

receiving a suspicious link sent to their mobile phone or email. But NSO Group’s zero-click features will not give victims such a prompt, they can fully contact a person’s digital life. These features can earn millions of dollars in 

the underground market of hacking tools. An Apple spokesperson confirmed the citizenship. The laboratory’s assessment and stated that the company plans to add a spyware barrier to the next iOS 15 software update to be launched later this year. NSO Group did not immediately respond to inquiries on Monday

The NSO Group has long caused controversy. The company said it only sells its spyware to governments that strictly comply with human rights standards. But in the past six years, its Pegasus spyware has appeared on the mobile phones 

of activists, dissidents, lawyers, doctors, nutritionists and even children in countries such as Saudi Arabia, the United Arab Emirates and Mexico. In July, the NSO Group became the subject of close attention by the media. Prior to this, the human rights watchdog Amnesty International and the freedom-of-speech organization "Forbidden Stories" 

cooperated with the alliance of media organizations to launch the "Pegasus Project." They published a list that they said contained approximately 50,000 people, including hundreds of journalists, government leaders, dissidents and activists who were selected as targets by the NSO Group’s customers.

The alliance did not disclose how it obtained the list, and it is not clear whether this is a planned intrusion list or whether these individuals have become targets of NSO spyware. The list includes former "New York Times" Mexico City bureau chief Azam Ahmed (Azam Ahmed), who has extensively reported on corruption, violence and surveillance in

 Latin America, including the NSO Group itself; and the "New York Times" Ben Hubbard, the bureau chief in Beirut, has investigated human rights violations and corruption in Saudi Arabia and wrote the recently published biography of 

Saudi Crown Prince Mohammed bin Salman. Shalev Hulio, the co-founder of the NSO Group, firmly denied the accuracy of the list and told the New York Times, “It’s like opening a phone book, choosing 50,000 numbers and deriving from it. Some conclusions."


Leave a Reply

Your email address will not be published.