Apple released a patch today to fix an exploit that allowed malware to be installed on an iPhone with a single tap.
A report from Vice reveals the details of the exploit used to target human rights activist Ahmed Mansoor. Mansoor received a suspicious text that read, "New secrets about torture of Emiratis in state prisons" and included a link. Instead of clicking on the link, Mansoor forwarded the message to Citizen Lab, a Toronto-based digital rights watchdog.
The text, it turns out, was malware that allowed an iPhone to be jailbroken in one tap. The malware, codenamed Pegasus, allowed an attacker to steal and intercept all data on an iPhone. Calls could be intercepted, contacts lists exposed and text messages stolen.
Citizen Lab collaborated with cyber security company Lookout to dissect the malware and discovered its origins. The malware was created and distributed by a company called NSO Group, known for selling its spyware to governments. "[They're] basically a cyber arms dealer," says Lookout vice president of research Mike Murray speaking to Vice.
NSO responded to Vice, saying the company's malware is designed to "help make the world a safer place by providing authorized governments with technology that helps them combat terror and crime." But for journalists and activists living under a corrupt government, this inspires little confidence.
Update your phone now
Today's iOS 9.3.5 update patches the exploits used by NSO. Apple recommends all iPhone users update as soon as possible to avoid being a victim of this type of malware.
It pays to keep your phone's security up to date and to use common sense when receiving dubious links. Although news of Pegasus is alarming, iOS is still one of the most secure mobile operating systems for consumers, according to Dan Guido, CEO of cybersecurity firm Trail Of Bits speaking to Vice.
Android's security has often lagged as a result of outdated software running on a majority of handsets. Android 6.0 Marshmallow still only makes up 15.2% of all Android handsets as of August 2016. Note that Android 6.0 is already one version behind Android 7.0 Nougat, which is only available on select Nexus phones right now.
While Pegasus may be patched today, it's a constant race between cyber arms dealers like NSO and companies like Apple, Google and Microsoft. It'll be up to software makers to stay one step ahead of their enemies.