New Flaw in Apple Devices Leads to Spyware Infection, Researchers Say
Citizen Lab researchers have discovered a serious security hole in Apple products that has been used to infect such devices with the Pegasus malware developed by NSO. Significant questions concerning the security of Apple’s products and the possibilities of surveillance technologies have been raised in light of this disclosure.
Inspecting an Apple device used by a representative of a civil society organization in Washington, Citizen Lab found that this issue made it possible for the device to become infected with NSO’s Pegasus spyware. The potential for bad actors to secretly penetrate people’s gadgets is highlighted by this alarming revelation.
Senior researcher at Citizen Lab John Scott-Railton stressed the significance of civil society organizations in identifying and educating the public about complex cyber dangers, saying, “This shows that civil society is once again serving as the early warning system about really sophisticated attacks.”
Citizen Lab did not provide any other information regarding the person or business that was impacted, but it did say that the vulnerability targeted iPhones running the most recent version of iOS, namely version 16.6.
Apple quickly released updates to fix the security weakness in response to Citizen Lab’s discoveries. A representative for Apple declined to comment further on the situation but recommended users to update to the most recent software version, reiterating the significance of doing so for improved security.
The Israeli company behind the Pegasus spyware, NSO Group, had no immediate comment in response to Citizen Lab’s investigation. Notably, because of f allegations of misuse, including the surveillance of government officials and journalists, the firm has been under intense international scrutiny and has been placed on the U.S. government’s blacklist since 2021.
This event highlights the continuing conflict between technology businesses and surveillance agencies and highlights the requirement for ongoing security updates in order to safeguard user privacy and data integrity.