Last week, a security hole was discovered in the iPhone’s software, according to a report from the organization Citizen Lab.
The attacker gets into the phone without the user having to click anything – and it is already being exploited by the Israeli spy company NSO.
The discovery was made when an employee of an unnamed non-profit organization in Washington DC had his phone scanned. The mobile had been infected with the infamous spy program Pegasus, writes DN.
Behind the program is the Israeli company NSO. It has previously been used to hack journalists, activists and politicians in several countries. Amnesty has accused the company of helping Saudi Arabia with the wiretapping of an employee of the organization. In Mexico, Pegasus has been used against democracy activists and lawyers.
NSO claims that Pegasus is only sold to authorities working with counter-terrorism.
Gets in with special image
The spyware had been sneaked in via a previously unknown security flaw in the iPhone’s iOS operating system. All that was required of the attacker was to send a specially crafted image that could crack the security protection. An image that could be sent in a regular message.
NSO receives no help from either Apple or other tech companies, but is dependent on similar security flaws, writes DN.
Apple sues NSO
After the discovery, Apple has released a new update, IOS version 16.6.1, which closes the security hole. iPads and Mac computers are also affected.
Citizen lab, the Canadian organization behind the discovery, has been tracking NSO for years. They recommend all users to install the latest update.
Particularly vulnerable people are also asked to activate the “lock mode” function, which limits the mobile’s functions but increases security.
Both Apple and Whatsapp have sued NSO for espionage.