Urgent iPhone software update issued to address critical spyware vulnerability
CUPERTINO, Calif. / CNN — Apple has updated its software for iPhones to address a critical vulnerability that independent researchers say has been exploited by notorious surveillance software to spy on a Saudi activist.
The software exploit has been in use since February and has been used to deploy Pegasus, researchers from the University of Toronto’s Citizen Lab said.
Pegasus — the spyware made by Israeli firm NSO Group — has allegedly been used to surveil journalists and human rights advocates in multiple countries.
NSO Group did not address the allegations, but said, “NSO Group will continue to provide intelligence and law enforcement agencies around the world with life-saving technologies to fight terror and crime.”
The urgent update that Apple released Monday plugs a hole in the iMessage software that allowed hackers to infiltrate a user’s phone without the user clicking on any links, according to Citizen Lab. The Saudi activist chose to remain anonymous, Citizen Lab said.
Apple credited the Citizen Lab researchers for finding the vulnerability.
“Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals,” Ivan Krsti?, head of Apple Security Engineering and Architecture, said in a statement.
NSO Group said its software is only sold to vetted customers for counterterrorism and law enforcement purposes.
Researchers, however, said they found multiple cases in which the spyware was deployed on dissidents or journalists. In 2019, Citizen Lab analysts alleged that Pegasus was used on the mobile phone of the wife of a slain Mexican journalist.
The recent surge in spyware prompted a United Nations panel of human rights experts in August to call for a moratorium on the sale of such surveillance tools. The UN panel said the ban should remain in place until governments have “put in place robust regulations that guarantee its use in compliance with international human rights standards.”
The-CNN-Wire & © 2021 Cable News Network, Inc., a WarnerMedia Company. All rights reserved.
The post Urgent iPhone software update issued to address critical spyware vulnerability appeared first on NBC2 News.