Skip to main content

Apple condemns Pegasus spyware attack, says it is working on added protection

 Apple condemns Pegasus spyware attack, says it is working on added protection.. 

Apple has also noted that such attacks do not affect an overwhelming number of users and has said that the company is now working on added protections.


HIGHLIGHTS

  1. According to the forensic methodology report by Amnesty, Apple’s iPhone is the easiest to snoop on using the Pegasus software.
  2. Apple called such attacks “highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals.”
  3. The leaked database shows that iPhones running iOS 14.6 contain a zero-click iMessage exploit and this exploit could have been used to install Pegasus software

Apple, the tech giant which emphasises user privacy, was a victim of Pegasus spyware attack that snooped on journalists, activists and some government officials. In fact, according to the forensic methodology report by Amnesty, Apple’s iPhone is the easiest to snoop on using the Pegasus software. The leaked database shows that iPhones running iOS 14.6 contain a zero-click iMessage exploit and this exploit could have been used to install Pegasus software on the iPhone devices of the targeted entities. The Cupertino giant has now released a statement condemning the attack. It has also noted that such attacks do not affect an overwhelming number of users and has noted that the company is now working on added protections.

Apple’s Head of Security Engineering and Architecture, Ivan Krsti, in a statement said, "Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals. While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data. While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data,” the Apple spokesperson added.A report by Amnesty International, a global organisation which is dedicated to fighting the abuse of human rights noted that the spyware can work on any smartphone, and discovered that it was still using the iMessage exploit that was previously thought to have been fixed.

This exploit was discovered by Citizen Labs previously. Zero click attacks do not require input from the user to trigger, are virtually undetectable, and run in the background. Apple had introduced a Blastdoor framework in iOS 14 to make zero clock attacks difficult but it does not seem to be working as intended as researcher Bill Marczac.

“AmnestyTech saw an iOS 14.6 device hacked with a zero-click iMessage exploit to install Pegasus. We at @citizenlab also saw 14.6 devices hacked with a zero-click iMessage exploit to install Pegasus. All this indicates that NSO Group can break into the latest iPhones,” Marczac wrote on Twitter. “It also indicates that Apple has a MAJOR blinking red five-alarm-fire problem with iMessage security that their BlastDoor Framework (introduced in iOS 14 to make zero-click exploitation more difficult) ain't solving,” he added

Comments

Post a Comment

Popular posts from this blog

EDGE COMPUTING

EDGE COMPUTING Timeline of Computing The timeline of computing looks something like this: At first, there was one big computer; after that came the UNIX era; then we were introduced to personal computers, which led to the cloud computing era. And now, we find ourselves in the next stage of computing, named the Edge computing era. Nowadays we use our personal computers to access centralized services such as Gmail, Google Drive, cloud storage, office 365… The personal assistants on our smartphones and smart speakers are powered by centralized cloud artificial intelligence. We can say with certainty that the new opportunities of cloud services are located at the “EDGE.” Even though we are still in the cloud computing era – we can say that our cloud infrastructure relies much on hosting companies and compute power of the very few who are providing it for us: Amazon, Microsoft, IBM, and Google. Why do we call it Edge? The word Edge is used in the context of geographic distribution. Edge com...
Post a Comment
Read more

ADOPTION OF PASSWORDLESS SECURITY TAKES OFF AMID COVID-19

Adoption of passwordless security takes off amid COVID-19 E nterprises worldwide are accelerating the adoption of passwordless authentication technologies in response to the increase in cybersecurity threats in 2020, according to a new report released by HYPR, The Passwordless Company and Cybersecurity Insiders. The report " The 2021 State of Passwordless  Security " includes insights from over 425 information technology professionals, representing a cross-section of organizations of varying sizes across multiple industry verticals, globally. It uncovered the key drivers and barriers to passwordless adoption and organizations' technology preferences, based on data from Cybersecurity's 500,000-member community. 90% of survey respondents experienced phishing attacks against their organizations in 2020, 29% of those experienced credential stuffing – revealing the impact of remote working and the overall increase in attacks on legacy and password-based multi-factor aut...
1 comment
Read more

RECODE

 Recode Founder: Kara Swisher Year Started: 2014 Domain Authority: 93 Currently, owned by VOX media, Recode gives the most updated independent technology news, analysis trends, and reviews from the most respected and informed journalists as well as bloggers in media and technology. Recode is uncovering and explaining how our tech world is changing by focusing on the businesses of Silicon Valley. Its founder Kara Swisher has all the connections to the latest tech tips and products, making it a robust technology blog to read!  
Post a Comment
Read more