The report published in Amnesty International has issued a warning that Apple iPhones data can be compromised after a “very malicious” malware was caught stealing credentials, recording screenshots, and logging keystrokes.
If reports are to be believed, Amnesty International said they discovered iPhones belonging to human rights lawyers and journalists had been affected with NSO Group’s Pegasus malware that can easily provide the attacker access to their emails, messages, and even to the phone’s microphone and camera.
NSO Group is an Israeli firm that provides spyware like Pegasus, enabling the remote surveillance of smartphones. They sell these Spywares to government agencies and law enforcement to fight against terrorism.
Amnesty International found proof of a hack in an iPhone 12, the newest iPhone model that works on iOS 14.6, the latest software. On Monday, Apple updated its software to iOS 14.7, but they haven’t yet released security details that could specify whether it has fixed the damage identified by Amnesty International.
Amnesty International secure a leaked list of 50,000 phone numbers that spy software made by NSO Group may have attacked. They also found evidence that Android devices were also targeted by NSO Group Spyware but weren’t able to check those devices in the same way as the iPhones.
Apple’s head of security engineering and architecture, Ivan Kristic, said in a statement that “Apple clearly condemns cyberattacks against journalists, human rights activists, and others seeking to make the world a better place. For over a decade, Apple has led the industry in security innovation and, as a result, security researchers agree iPhone is the safest, most secure consumer mobile device on the market.”
Also read: Is Your Email Address Among The Millions In A Facebook Leak?
Warning Issued For Millions Of Apple iPhone Users
An iPhone software update from Apple could repair the exploit
According to the security experts, the most effective way to stop malware is to keep devices mend with the latest software, and for this, the device maker should be aware of the bugs the attackers are using. If they are “0days,” as NSO Group is accused of using, this undoubtedly shows that Apple has not yet been able to repair the damage.
By updating the Apple device with the new software, NSO Group’s software will stop working or became weak to target up-to-date phones. In an interview, Kristic said, Attacks like the ones mentioned are very sophisticated, it really cost millions of dollars to develop. However, he also mentioned that this spyware is not a threat to the majority of their users and Apple is constantly adding new protections for their devices.
iPhone privacy has been a key marketing approach
Apple has made security and privacy one of its key marketing approaches, asserting its control of the operating system, and the hardware that runs it, allows Apple to deliver a higher level of security and privacy than devices made by its rivals.
Apple argues that its security team is four times larger than it was five years ago and employees are working to improve device security as soon as it finds new threats. Apple always publishes security fixes for each software update on its official website, indexing them with industry-standard “CVE” numbers and crediting security researchers who find them.
Amnesty International’s report said NSO Group’s spyware software doesn’t remain on an iPhone when it’s rebooted, making it difficult to confirm that a device has been infected.
An NSO Group spokesperson said the company would look into all claims of misuse.
“We would like to emphasize that NSO sells its technologies solely to law enforcement and intelligence agencies of vetted governments for the sole purpose of saving lives through preventing crime and terror acts. NSO does not operate the system and has no visibility to the data,” the NSO spokesperson said.” ( Source )
Check Point requested users to check the generally hidden from view LaunchAgents directory in their library, where users should check for “suspicious” filenames. Then, delete any that are found, the firm says, giving the example of “com.wznlVRt83Jsd.HPyT0b4Hwxh.plist” as the kind of filename you should look for.
Trending News: Apple’s New iPhone Feature Is A Long Term Success
Windows 11 is coming with New Entertainment Widget