CUPERTINO, CA (CelebrityAccess) — Apple released an emergency software patch for its IOS operating system to address a critical security flaw that could allow hackers to surreptitiously install spyware on apple devices.
Discovered by the University of Toronto’s Citizen Lab, the ‘zero-click’ export allows attackers to install the spyware by sending images with embedded malware to the device via iMessage without needing the user to click on a link.
The spyware, called Pegasus, was reportedly developed by an Israeli security company NSO Group, who say they only provide the software to vetted law enforcement and counter-terrorism organizations.
However, Citizen Lab and Amnesty International report that the software has been used to target political dissidents, human rights activists, and journalists.
“After identifying the vulnerability used by this exploit for iMessage, Apple rapidly developed and deployed a fix in iOS 14.8 to protect our users,” Ivan Krstić, head of Apple Security Engineering and Architecture told USA Today.
“Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals,” Krstić added.