Everything You Need To Know About The Apple Spyware Saga
On Monday 14th September 2021, it was made known to users of Apple products that a spyware company based in Israel had managed to silently hack devices such as iPhones, iPads, Apple Watches, Mac computers and potentially other devices. Here, we provide the latest information in our Apple spyware update and explore Apple’s fix for the hacking, which is believed to have started way back in February 2021.
The Company Behind The Apple Spyware Breach
It has been all but confirmed that the company behind the hacking is an Israeli spyware company that goes by the name of NSO Group. The company’s spyware, which is known as Pegasus, has the ability to silently hack into a device, intercept messages and calls, collect personal information about its user and turn a mobile phone into a listening device.
NSO Group has responded to the breaking of the news by neither confirming nor denying its involvement in the spyware and by stating that its main priority is to “continue to provide intelligence and law enforcement agencies around the world with life-saving technologies to fight terror and crime”, as reported by the BBC.
So, NSO Group claims that the spyware is only to be used by law enforcement agencies to monitor dangerous criminals and terrorists. However, investigations such as the Pegasus Project, which was carried out by The Guardian, have revealed that the spyware is in fact being used by government clients to keep tabs on groups such as journalists and human rights activists. This leads us on to the next important question in this spyware breach: how was the spyware detected after around eight months of it being a threat?
How The Spyware Was Detected
The use of the spyware on Apple products was uncovered by independent researchers. University of Toronto’s Citizen Lab, which acts as an internet security watchdog, brought the use of the spyware to light during an examination of an unidentified Saudi activist’s mobile phone. The mobile device is believed to have been under surveillance since February and when the Canadian researchers detected the presence of the spyware on 7th September 2021, they immediately informed Apple.
NSO Group managed to acquire access to the individual’s mobile phone through the iMessage service, a route that researchers say will continue to be pursued by spyware companies. NSO Group exploited Apple’s iMessage function by silently sending the device corrupt files that appeared to have GIF extensions. These were in fact Adobe PDF files that contained malicious code. Citizen Lab delivered a full report of the findings on their official website.
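A defender-side check for the mismatch described above, as an added example that is not from the original article or from Citizen Lab: it compares a file's .gif extension against its leading bytes and reports files whose content is something else. The file names and sample contents are constructed for illustration, and the check flags a name/content mismatch only, not the exploit itself.

```python
import tempfile
from pathlib import Path

# Leading bytes ("magic numbers") of the two formats named in the article.
GIF_MAGICS = (b"GIF87a", b"GIF89a")
PDF_MAGIC = b"%PDF-"


def sniff_type(data: bytes) -> str:
    """Classify content by its bytes, ignoring the file name."""
    if data.startswith(GIF_MAGICS):
        return "gif"
    # Lenient PDF readers accept the header anywhere in the first 1024 bytes,
    # so search that whole window rather than only offset 0.
    if PDF_MAGIC in data[:1024]:
        return "pdf"
    return "unknown"


def find_disguised_gifs(folder: Path) -> list[tuple[str, str]]:
    """Return (file name, sniffed type) for each *.gif that is not a GIF."""
    findings = []
    for path in sorted(folder.iterdir()):
        if path.is_file() and path.suffix.lower() == ".gif":
            with path.open("rb") as fh:
                kind = sniff_type(fh.read(1024))
            if kind != "gif":
                findings.append((path.name, kind))
    return findings


def demo() -> list[tuple[str, str]]:
    """Run the check over constructed sample files in a temporary folder."""
    samples = {
        "holiday.gif": b"GIF89a\x01\x00\x01\x00\x00\x00\x00;",  # genuine GIF header
        "invoice.GIF": b"%PDF-1.4\n%%EOF\n",                    # PDF content, GIF name
        "padded.gif": b"\x00" * 16 + b"%PDF-1.7\n",             # PDF header after padding
        "empty.gif": b"",                                       # empty file, unknown type
        "report.pdf": b"%PDF-1.4\n",                            # honest name, not checked
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, body in samples.items():
            (Path(tmp) / name).write_bytes(body)
        return find_disguised_gifs(Path(tmp))


if __name__ == "__main__":
    for name, kind in demo():
        print(f"{name}: .gif extension but content looks like {kind}")
```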
A Groundbreaking Discovery From Researchers
What makes this discovery all the more significant from all perspectives is the fact that it is the first time a ‘zero-click’ or ‘zero-day’ exploit has been found and analysed. A ‘zero-click’ exploit allows a hacker to gain access to a device without requiring the owner or user of the device to click on anything. The first detection of this use of spyware provides researchers and indeed technology companies such as Apple with encouragement that such instances will be picked up sooner in the future.
For spyware companies such as NSO, the finding was deemed “a rough day at NSO because the lights are going to go out on one of their most productive exploits” by John Scott-Railton, part of the research team at Citizen Lab. However, researchers foresee many similar challenges in the near future. Citizen Lab added: “As presently engineered, many chat apps have become an irresistible soft target. Without intense engineering focus, we believe that they will continue to be heavily targeted, and successfully exploited.”
Although it is scary that ‘zero-click’ attacks can be launched without a device owner or user having any knowledge of, or playing any part in, the process, security experts have urged the average user not to be concerned. Experts say that the hacks are much more likely to be carried out on individuals that are highly targeted.
Apple Develops Software To Block The Spyware
On Tuesday 14th September 2021, Apple announced that it had developed software that blocks ‘zero-click’ spyware, thereby diminishing the panic that may have been spread amongst Apple product users. The emergency iOS 14.8 and iPadOS 14.8 software was issued to rectify the issues in the iMessage system, which allowed NSO Group to gain access to the Saudi activist’s phone.
Speaking about the release of the software, Head of Apple Security Engineering and Architecture, Ivan Krstic, commented: “After identifying the vulnerability used by this exploit for iMessage, Apple rapidly developed and deployed a fix in iOS 14.8 to protect our users. Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals. We continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data.”
Are You Being Spied On? We Can Help
We endeavour to bring our customers the very latest news from the spy world, so be sure to check back to our website to find more industry articles from our surveillance professionals. If you believe that you are a victim of spyware, we can help with the provision of our counter surveillance equipment and our expertise, as a team of private investigators and ex-police officers. Contact us on 024 7601 0588 today if you would like our assistance.