The loss of Pegasus spyware shows how vulnerable iPhones are to hackers


If you’ve been paying attention to the news over the weekend, you may have heard something about “Pegasus”. In this case, Pegasus is not a flying mythical horse, however Powerful Phone Hacking Spyware sold by an Israeli company that would be used to expose journalists, politicians, activists, and even business leaders around the world. But if you don’t fall into these categories or otherwise are unlikely to be the target of a sophisticated piracy operation, how any of this applies directly to you may not be so obvious.

The average person should really care about the government Azerbaijan breaking into his phone and listening to their conversations or watching them with their phone cameras? Probably not. But reports suggest that people who have bought heart into Apple’s marketing about how secure their devices are – and how hard Apple struggles to ensure that security – might want to think again: iPhones can be hacked.

Which might surprise many, since Apple has long cultivated its reputation as a private and secure alternative to rivals Microsoft and Google, whose Android operating system powers most of the world’s non-iPhone phones. Apple has taken a well-publicized stance against the U.S. federal government twice, refusing to help the FBI unlock phones belonging to suspected terrorists. But the fact that the FBI was able to get into those phones without Apple’s help should be your first indication that iPhones and Macs aren’t impenetrable forts.

Now, multiple report wild on a leak of 50,000 phone numbers belonging to people who claim to be potential targets – including journalists, dissidents, human rights defenders and heads of state – say thousands of iPhones could have been hacked by Pegasus. This sophisticated spyware, which was developed by Israeli intelligence company NSO Group, can collect data from a target’s phone, access its location, and record it through its microphone and camera without its knowledge – and without it. a target also clicking a link.

NSO keep up who only sells his technology to government agencies to investigate and fight terrorism and crime (“for the sole purpose of saving lives”) and that the allegations made in the report are false – even if his co-founder and CEO Shalev Hulio he also told the Washington Post that the reports were “concerning” and that the company was “investigating all allegations”. But shopkeepers who investigated the devices belonging to the phone numbers on the list found that some people had been targeted because they were investigating or speaking out against governments or otherwise powerful people – not because they were criminals or terrorists.

A detailed report by Amnesty International, which, along with the nonprofit organization Forbidden Stories, led the investigation, shows how Pegasus used Apple’s own applications, including Apple Photos, Apple Music and iMessage, as attack vectors. And some of the exploits were already known to research experts and researchers. For example, the fact that a hacker can send malware through iMessage that infects a target phone even if the recipient never clicks on anything – known as a “zero-click” exploit – has been reported on for several years.


Apple insider said the Washington Post they believed that society was not doing enough to protect itself from known vulnerabilities or veterinarians producing new products for exploitation before they were released to the public.

Apple told Recode that the iPhone is “the safest, most secure consumer mobile device on the market” and that several steps are needed to detect and resolve new threats.

“Apple unequivocally condemns cyberattacks against journalists, human rights activists, and others who seek to make the world a better place,” Apple said in a statement. “Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals. While that means they are not a threat to the vast majority of our people. users, we continue to work tirelessly to defend all of our customers. ”

Whether you’re a likely target of spyware hacking or not, there are some steps you can take to make your devices more secure, such as frequent updates to your operating system and applications. The zero-click exploitation of iMessage, for example, it appears to have been treated from “Blastdoor” of the iOS 14 update, which isolates received iMessages from the rest of the phone (including the iMessage app itself) and tests them for malicious code. But the key word here is “safer”. It’s not the same thing as “safe,” and it’s not a guarantee of anything.

The Pegasus investigation shows that iPhones – and any other device, Apple or otherwise – are not 100 percent secure and will always play catch-up to resolve vulnerabilities that hackers find and exploit. Even the most secure devices and encrypted messaging applications can be potentially hacked. It is very unlikely that they will be used against the device of you, the average reader. But I shouldn’t assume it’s impossible for anyone else to get in.

Source link


Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button