By Ron Howells • 14 September 2021 • 10:44
Apple issues urgent software update for all iPhone, iPad and Mac users to fix security flaw. image: Wikipedia
Apple issues urgent software update for all iPhone, iPad and Mac users to fix security flaw discovered by researchers.
Apple has released a critical software patch to fix a major security vulnerability after researchers discovered that spyware could enter the phone and then exploit it to hack directly into iPhones and other Apple devices without so much as a click from the user.
Researchers at the University of Toronto’s Citizen Lab said they found malicious image files being transmitted to the phone of a Saudi activist, who wished to remain anonymous, via the iMessage instant-messaging app.
They then discovered that the device was then hacked by the Pegasus spyware developed by Israel’s NSO Group, they alleged.
Calling the iMessage exploit Forcedentry, Citizen Lab said that the security vulnerability makes the phones susceptible to eavesdropping and remote data theft, and that it applied to all Apple devices. Forensics revealed that the Saudi activist’s phone had been infected back in March this year, adding that the malicious files caused the phone to crash.
The vulnerability was found in the activist’s iPhone on 7 September, following which Citizen Lab said it immediately alerted Apple. The NSO group licenses its Pegasus spyware tool to government agencies and police forces to investigate criminal activity, but Citizen Lab researcher Bill Marczak said: “We’re not necessarily attributing this attack to the Saudi government.”
Issuing a statement, the NSO Group said that it will continue providing tools for fighting “terror and crime”.
Called a “zero-click” exploit, Pegasus does not require users to click on any suspected link or open infected files and is considered the pinnacle in surveillance technology, as it allows hackers to break into a person’s phone without alerting the victim.
Apple, in a blog post, said that it was issuing a security update for iPhones and iPads because a “maliciously crafted” PDF file could lead to hacking. Apple security chief Ivan Krstic also issued a statement saying that “after identifying the vulnerability used by this exploit for iMessage, Apple rapidly developed and deployed a fix in iOS 14.8 to protect our users”.
Krstic added that in the past, such exploits typically cost millions of dollars to develop and often have a short shelf life.
Though it is unclear at the moment how many Apple users might have been attacked using this vulnerability, Mr Krstic said such exploits “are not a threat to the overwhelming majority of our users”.
Thank you for taking the time to read this article, do remember to come back and check The Euro Weekly News website for all your up-to-date local and international news stories and remember, you can also follow us on Facebook and Instagram.
Share this story
Subscribe to our Euro Weekly News alerts to get the latest stories into your inbox!
By signing up, you will create a Euro Weekly News account if you don’t already have one. Review our
Ron actually started his working career as an Ophthalmic Technician- things changed when, during a band rehearsal, his amplifier blew up and he couldn’t get it fixed so he took a course at Birmingham University and ended up doing a degree course. He built up a chain of electronics stores and sold them as a franchise over 35 years ago. After five years touring the world Ron decided to move to Spain with his wife and son, a place they had visited over the years, and only bought the villa they live in because it has a guitar-shaped swimming pool!.
Playing the guitar since the age of 7, he can often be seen, (and heard!) at beach bars and clubs along the length of the coast. He has always been interested in the news and constantly thrives to present his articles in an interesting and engaging way.
Your email address will not be published. Required fields are marked *
Downlaod our media pack in either English or Spanish.