Apple has released a critical software patch for a security vulnerability that researchers say could directly affect iPhones and other Apple devices without any action by the user.
According to University of Toronto Citizen Lab researchers, the security issue was being used to plant spyware on the smartphone of a Saudi activist, and the researchers said they are sure that the famed hacker-for-hire firm NSO Group was responsible for the attack.
The researchers said all major Apple devices (iPhones, Macs, Apple Watches) were affected by the previously unknown vulnerability. NSO Group, in a tacit response to the accusation, said in a statement that it will continue to look for ways to fight terror and crime.
The security vulnerability has been described as one that does not even require users to click on dangerous links or open infected files, a hacking style the researchers dubbed a ‘zero-click exploit’. The researchers discovered the malicious code on September 7, 2021 and immediately notified Apple of the danger. The targeted activist prefers to remain anonymous.
“We’re not necessarily attributing this attack to the Saudi government,” said researcher Bill Marczak.
Citizen Lab had earlier found evidence of ‘zero-click’ spyware being used to hack the smartphones of Al-Jazeera journalists and others, but the malicious code itself wasn’t seen then.
Security professionals were alerted that, although the mode of attack appears to be limited to specific targets, it is a source of concern even if it hasn’t yet largely affected average iPhone, iPad and Mac users.
Marczak said that in this latest attack, malicious image files were delivered to the activist’s smartphone through the iMessage instant messaging app, and the phone was subsequently hacked with NSO’s Pegasus spyware, which opens a phone to eavesdropping and data theft. After a second examination of the phone, forensic analysis found that the malicious file discovered in March can cause devices to crash.
Citizen Lab said this incident shows once again that NSO Group’s spyware is being used against civilians and ordinary people.
Apple said in a blog post that it would be issuing a security update for iPhones and iPads because a ‘maliciously crafted’ PDF file can cause their compromise. The blog post also hinted that the company is aware the issues have been exploited, citing Citizen Lab.
Apple’s security chief, Ivan Krstić, heaped praise on Citizen Lab in another statement, while noting that such exploits will not in any way become a threat to the majority of Apple’s users. According to him, such exploits have in the past cost millions of dollars to develop and in most cases have a short shelf life. But he stopped short of responding to inquiries on whether this was the first time Apple had patched a ‘zero-click’ vulnerability.
iPhone users will get alerts on their phones asking them to update the phone’s iOS software. If they do not get the alert immediately, they can do it themselves by tapping the phone’s Settings, then tapping ‘General’ and, after that, ‘Software Update’, which will process the update directly.
Citizen Lab, while urging people to immediately install the software updates, said the iMessage method it dubbed ‘FORCEDENTRY’ can attack all Apple iOS, macOS and watchOS devices.