Apple released updates on Monday Citizen Lab reported they had found spyware on the phone of a Saudi dissident that gave the attacker the same control over the phone as its owner. The attacker could turn on the camera or microphone, read messages (even encrypted ones). The researchers traced the spyware to NSO Group, a company that makes spyware for governments and anyone else with deep pockets. The spyware has been in circulation since March.
Most of us have heard the term malware. We have been told to use anti virus software, install updates and be wary of giving out our credit card number online. Microsoft, Apple and Google release security and quality updates regularly. These updates quietly address security concerns as well as other issues.
Until now, a person would always be alerted to some attempt to compromise their phone/tablet/computer by a web pop-up or the arrival of some strange message. I have always advised my clients to delete the message or email and run a scan on the computer. We were under the impression that simply receiving a message would not compromise your phone/tablet/computer unless you accidentally clicked on the content. This particular spyware works without user input or warning. This type of malware is known as zero click remote exploit. It takes advantage of a zero day flaw in the way Apple OS processes messages. You won’t even know you received a message because it’s just binary code and it happens so fast. Once installed the spyware gives the sender access to your camera, microphone, messages (even encrypted messages) and more.
The software was developed by a company called NSO Group. NSO’s spyware allows governments, mercenaries and criminals to conduct surveillance on targeted individuals. Since it’s discovery by Citizen Lab, a cyber security watchdog at the University of Toronto, the software, dubbed Pegasus, has been found on the devices of authors, lawyers, politicians and others.
I like Apple products for their intuitive design, perceived security and the way the phone, watch, tablet and computer work together. My confidence in Apple was seriously shaken with the news of this flaw. I had to remind myself that all software has flaws. I support Microsoft products, and I use Windows every day. As cyber criminals find new ways to exploit people online software developers are quick to close those avenues.
For more information contact us