The hack was carried out by using code flaws in how Apple devices render images and PDFs, it said.
APPLE SECURITY UPDATE PEGASUS INSTALL
The government has said it is not in a position to share these details because of national security implications.Īpple and security researchers urged everyone using an iPhone, Apple Watch or a Mac to immediately install the latest software update.Ĭitizen Lab, which named the latest method of hacking phones FORCEDENTRY, discovered it while analysing the phone of a Saudi activist in March. India’s Supreme Court too is expected to decide this week if and how it wants the Union government to answer questions on whether the spyware was used against Indian citizens, including current and former ministers, opposition leaders, judges, journalists and activists. Since then, Microsoft, Google, Cisco, and VMWare have supported Facebook’s lawsuit against NSO Group. In 2019, Facebook sued NSO Group for a similar abuse of its systems when Pegasus was delivered to victims’ phones – including over a dozen in India – using flaws in WhatsApp.
In a statement to Reuters, NSO did not confirm or deny that it was behind the technique, saying only that it would “continue to provide intelligence and law enforcement agencies around the world with life-saving technologies to fight terror and crime.”Ĭompanies such as Apple are locked in a cat-and-mouse chase with companies such as NSO Group to fix flaws in their software before they are exploited for cyber surveillance and by cyber criminals.
again: their exploits got discovered by us because they were used against an activist,” said John Scott-Railton, senior researcher at Citizen Labs, in a tweet on Tuesday.
NSO Group has maintained that it serves only to vetted government clients for law enforcement against criminals and terrorists. “We’d like to commend Citizen Lab for successfully completing the very difficult work of obtaining a sample of this exploit so we could develop this fix quickly,” the statement also said. While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data,” said Ivan Krstić, head of Apple Security Engineering and Architecture, in a statement issued by the company. “Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals. The software flaw, like the others NSO is reported to have often leveraged, was particularly worrying since it allowed for the spyware to be inserted silently without needing to fool the victim into opening suspicious links or files.Īpple confirmed a “sophisticated” attack had taken place exploiting the flaw, although it did not name NSO Group or Pegasus. The new version of the spyware was found by Canadian cyber security researchers at Citizen Labs, who discovered Pegasus implanted in the phone of a Saudi activist. Cyber surveillance company NSO Group has used new methods to deploy its military grade spyware Pegasus by leveraging previously unknown flaws in Apple’s software, prompting the company to issue a security update to millions of its customers late on Monday.
0 kommentar(er)
