New security flaw discovered in Apple devices leads to spyware infection

Phan Van Hoa (According to Reuters) DNUM_ACZBAZCACD 09:21

(Baonghean.vn) - Recently, security researchers have discovered a new security vulnerability in devices manufactured by Apple, leading to the risk of spyware infection.

Accordingly, in September, researchers at the Citizen Lab digital surveillance organization (Canada) said they discovered spyware related to the Israeli private cybersecurity company NSO, exploiting a newly discovered security vulnerability on devices manufactured by Apple.

Anh minh hoa (3).jpg

In a statement, Citizen Lab said that while examining the Apple device of an employee working for a civil society group based in Washington (USA), the organization discovered a security vulnerability in the device that was exploited to infect it with NSO's Pegasus spyware.

Pegasus spyware, developed by Israel's NSO Group, can allow spies using it to access the hard drive of an infected phone, thereby being able to view photos, videos, emails and texts, even on encrypted communication applications.

The software can also allow spies to record conversations made on or near the phone, use the phone's camera, and determine the phone user's location.

No information on the target device is safe. Pegasus can access files, from SMS chats or encrypted messaging services, address books, call history, calendars, emails to Internet browsing history.

Previous versions of the Pegasus malware used spear phishing attacks to gain access to phones. It has since been upgraded to be much more effective and can penetrate even without the phone user clicking anything, a so-called “zero-click” attack.

“We believe that NSO Group’s Pegasus spyware exploit has a high level of confidence, based on the investigative results we obtained from the targeted device,” said Bill Marczak, senior researcher at Citizen Lab.

The attacker may have made a mistake during installation, which is why Citizen Lab found the spyware, he said.

In this regard, Citizen Lab said that Apple confirmed to them that using the high-security Lockdown Mode feature available on Apple devices would have prevented this particular attack.

Lockdown Mode is a feature introduced by Apple to protect vulnerable subjects such as politicians, journalists or people holding sensitive information.

“This shows that civil society is once again acting as an early warning system for really sophisticated attacks,” said John Scott-Railton, senior researcher at Citizen Lab.

Citizen Lab did not provide further details about the individuals or organizations affected.

The watchdog said the vulnerability allows spyware to infect iPhones running the latest version of iOS (16.6) without any interaction from the victim.

Apple has released a new update to its devices after investigating the vulnerabilities reported by Citizen Lab. An Apple spokesperson said they have no further comment, while Citizen Lab urged users to update their devices to fix the security flaw.

NSO has not yet commented on the information released by Citizen Lab.

Since 2021, the US government has blacklisted NSO for multiple violations, including spying on government officials and journalists.

Phan Van Hoa (According to Reuters)