Apple says it closes a Pegasus security hole
A weak point enabled Pegasus to infect Apple devices without users having to click a link. The company has now announced that the vulnerability has been discovered and repair software has been developed and made available.
AAccording to its own information, pple has eliminated a weak point in its devices that made it easier for the controversial espionage software Pegasus to penetrate. The US technology group announced on Monday that after the discovery of this vulnerability by the Canadian research group Citizen Lab, the company had quickly developed and provided repair software “to protect users”.
The identified weak point enables Pegasus to infect Apple devices without the user clicking on a message or a link disguised for spying purposes. According to Citizen Lab, Pegasus has been using the new method of infiltrating the spyware software without any click since “at least” last February.
The Canadian group claims to have discovered the vulnerability last week. It was found on the iPhone of a Saudi Arabian activist who was infected using the Apple messenger service iMessage.
Pegasus software is able to read out all data
Apple cybersecurity manager Ivan Krstic thanked Citzen Lab for the discovery. At the same time, he emphasized that the Pegasus attacks were aimed specifically at individual users and did not pose a threat to “the overwhelming majority of our users”. “But we work non-stop to defend our customers,” said the Apple manager.
The Pegasus software developed by the Israeli company NSO is able to read all data from cell phones that have been attacked with it. In addition, Pegasus can switch on the device’s camera and microphone unnoticed.
The extensive abuse of Pegasus became known in July based on research by an international journalist consortium. Hundreds of journalists, activists and opposition figures around the world have apparently been victims of espionage using Pegasus. Secret services and police authorities in several countries are said to have used the software offered by NSO to tap into the mobile phones of those affected.
A week ago it was confirmed from German parliamentary circles that the Federal Criminal Police Office (BKA) had also bought Pegasus. According to “Zeit Online”, “Süddeutscher Zeitung”, NDR and WDR, the BKA procured the software at the end of 2019. According to parliamentary circles, Pegasus was also used by the BKA “in a few cases”.