Jump to content

Apple issues critical iOS update after governments caught spying


Recommended Posts

http://cdn.mos.techradar.com/art/mobile_phones/iPhone/iPhone%206S%20Plus/Hands%20on%202/6SPlus-HandsOn-03-470-75.JPG

Apple released a patch today to fix an exploit that allowed malware to be installed on an iPhone with a single tap.

A report from Vice reveals the details of the exploit used to target human rights activist Ahmed Mansoor. Mansoor received a suspicious text that read, "New secrets about torture of Emiratis in state prisons" and included a link. Instead of clicking on the link, Mansoor forwarded the message to Citizen Lab, a Toronto-based digital rights watchdog.

http://mos.futurenet.com/techradar/art/Randoms/Ahmed%20Mansoor%20texts-420-90.jpg

The text, it turns out, was malware that allowed an iPhone to be jailbroken in one tap. The malware, codenamed Pegasus, allowed an attacker to steal and intercept all data on an iPhone. Calls could be intercepted, contacts lists exposed and text messages stolen.

http://mos.futurenet.com/techradar/art/Randoms/NSO%20Group%20marketing%20materials-420-90.jpg

Citizen Lab collaborated with cyber security company Lookout to dissect the malware and discovered its origins. The malware was created and distributed by a company called NSO Group, known for selling its spyware to governments. "[They're] basically a cyber arms dealer," says Lookout vice president of research Mike Murray speaking to Vice.

NSO responded to Vice, saying the company's malware is designed to "help make the world a safer place by providing authorized governments with technology that helps them combat terror and crime." But for journalists and activists living under a corrupt government, this inspires little confidence.

Update your phone now

Today's iOS 9.3.5 update patches the exploits used by NSO. Apple recommends all iPhone users update as soon as possible to avoid being a victim of this type of malware.

It pays to keep your phone's security up to date and to use common sense when receiving dubious links. Although news of Pegasus is alarming, iOS is still one of the most secure mobile operating systems for consumers, according to Dan Guido, CEO of cybersecurity firm Trail Of Bits speaking to Vice.

http://mos.futurenet.com/techradar/art/Randoms/iOS%209.3.5-420-90.jpg

Android's security has often lagged as a result of outdated software running on a majority of handsets. Android 6.0 Marshmallow still only makes up 15.2% of all Android handsets as of August 2016. Note that Android 6.0 is already one version behind Android 7.0 Nougat, which is only available on select Nexus phones right now.

While Pegasus may be patched today, it's a constant race between cyber arms dealers like NSO and companies like Apple, Google and Microsoft. It'll be up to software makers to stay one step ahead of their enemies.

http://feeds.feedburner.com/~r/techradar/software-news/~4/GAf-UarD5eg
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...