"An Israeli cybersecurity firm has been exploiting a significant Apple Inc. software vulnerability since February to silently infect iPhones using iMessage, the company's messaging software, according to the research group that discovered the issue.
On Monday, Apple supplied a critical security update fixing the flaw, but the vulnerability had been used in attacks by Israel's NSO Group, according to Citizen Lab. Citizen Lab is an academic research group that investigates cyberattacks on journalists and dissidents.
"After identifying the vulnerability used by this exploit for iMessage, Apple rapidly developed and deployed a fix in iOS 14.8 to protect our users," Apple said.
The intrusion is particularly worrisome because it is what researchers at Citizen Lab refer to as a "zero click" attack, meaning, unlike most other iPhone hacks, the user doesn't need to click on a link or open a document to be infected. "Anyone with iMessage on their phone could be silently infected," said John Scott-Railton, a researcher with Citizen Lab. "People should update their devices immediately," Mr. Scott-Railton said.
Citizen Lab linked the flaw to NSO Group, which sells hacking tools used by governments world-wide to conduct surveillance.
Asked to comment on a report that Citizen Lab published on the issue Monday, an NSO spokesman said, "NSO Group will continue to provide intelligence and law enforcement agencies around the world with lifesaving technologies to fight terror and crime."
"Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life and are used to target specific individuals." Apple said.. This means "they are not a threat to the overwhelming majority of our users," the company said.
Citizen Lab began pulling on the threads that led to the bug's discovery in March, when they found that a phone belonging to an anonymous Saudi activist had been infected by the Pegasus software, which is built by NSO Group to monitor the phone's activities.
At the time, it was unclear how Pegasus had been installed, but last week, while examining a backup of the phone, Citizen Lab discovered a copy of the attack code that had been used to infect it, by exploiting a bug in Apple's image-processing software, Mr. Scott-Railton said.
"What showed up there was a bunch of files labeled as GIFs but they weren't actually GIFs," Mr. Scott-Railton said. "They contained this exploit that exploited Apple's image processing." GIF is an image file-formatting standard.
Examining the files, Citizen Lab discovered attack code that it linked to NSO group, based on the naming conventions and behavior of the software it installed, Citizen Lab said. In addition to the iOS operating system used by the iPhone, the attack affects iMessage on Apple's Macintosh computers, the iPad, and Apple Watches, Citizen Lab said." [1]
1. iPhone Hit by Silent Attack
McMillan, Robert. Wall Street Journal, Eastern edition; New York, N.Y. [New York, N.Y]. 14 Sep 2021: B.1.
Komentarų nėra:
Rašyti komentarą