Apple released security updates for its iPhones, iPads, Apple Watches and Mac computers earlier this week that shut down a vulnerability that was allegedly exploited by invasive spyware built by NSO Group, an Israeli security company.
On Monday, the tech giant released a security notice for iOS 14.8 and iPadOS 14.8 indicating that some malicious PDFs could take advantage of its operating systems. “Processing a maliciously crafted PDF may lead to the execution of arbitrary code,” the note said. “Apple is aware of a report that this issue may have been actively exploited. ”
Apple also released WatchOS 7.6.2, MacOS Big Sur 11.6, and a security update for MacOS Catalina to address the vulnerability.
The fix, previously reported by The New York Times, stems from research by a public interest cybersecurity group called Citizen Lab that discovered that a Saudi activist’s phone had been infected with Pegasus, the most common product. known to NSO. According to Citizen Lab, the zero-day, zero-click exploit against iMessage, which he dubbed ForcedEntry, targets Apple’s image rendering library and has been effective against iPhones, laptops and Apple watches in the United States. ‘business.
Citizen Lab, based at the University of Toronto, said it had determined that NSO had used the vulnerability to remotely infect devices with its Pegasus spyware, adding that it believed the exploit had been in use since at least February. He urged all Apple users to update their operating systems immediately.
“Ubiquitous chat apps have become a major target for the most sophisticated threat actors, including nation-state spy operations and the mercenary spyware companies that serve them,” Citizen Lab said in a report. report. “As currently designed, many chat apps have become an irresistible soft target. “
The security update rolled out a day before Apple unveiled a list of new products, including iPads, Apple Watches, and iPhones. The company used the device rollout in the fall, which is one of the company’s biggest annual events, to tout its security measures. Claiming privacy is “built in from the start,” Apple said the next version of its iOS software will block trackers and prevent email monitoring, among other security provisions.
Apple thanked Citizen Lab for providing a sample of the exploit, which the iPhone maker said was not a threat to most of its users.
“Attacks like the ones described are very sophisticated, cost millions of dollars to develop, often have a short lifespan, and are used to target specific individuals,” said Ivan Krstić, who heads engineering and operations operations. Apple’s security architecture, in a statement. “While this means that they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all of our customers, and we are constantly adding new protections for their devices and data. “
In July,attempted or successful installations of Pegasus on 37 telephones of activists, journalists and businessmen. All but three of the devices were iPhones. Some people appear to have been the target of covert surveillance via Pegasus, software believed to be used to pursue criminals and terrorists. The spyware is said to be able to access and record texts, videos, photos and web activity, as well as passively save and recover passwords on a device.
NSO released a statement Monday evening that did not directly address Apple’s update, but said it will “continue to provide intelligence and law enforcement agencies around the world with life-saving technologies to fight against terrorism and crime ”.
The company, which licenses surveillance software to government agencies, says its Pegasus software helps authorities fight criminals and terrorists who take advantage of encryption technology to go “dark.” Pegasus secretly works on smartphones, giving insight into what their owners are up to. Other companies offer similar software.
CEO Shalev Hulio co-founded the company in 2010. In addition to Pegasus, NSO offers other tools that can track where a phone is in use, defend against drones, and harness data from forces of the United States. the order to locate the models.
NSO has been involved in other hacks, including the high-profile hack by Amazon founder Jeff Bezos in 2018. In the same year, a Saudi dissident sued the company for its alleged role in hacking a device owned by to journalist Jamal Khashoggi, who was assassinated. inside the Saudi Embassy in Turkey.