The Apple’s security team solved with the update iOS 14.8 and iPadOS 14.8 the flaw that allowed the spyware Pegasus to attack iPhone and iPad. The software developed by the Israeli group NSO Group in recent months it has become known for being used against activists, journalists and even heads of state.
iOS 14.8: fixed the flaw that gave access to the Pegasus spyware
For the past six months, the defense and espionage software group NSO Group exploited a specific vulnerability in iOS and iPadOS. One was enough PDF created in a particular way e sent via iMessage to access the operating system. A exploit da remoto zero click, which does not need user interaction to be dangerous.
Apple had explained that this kind of sophisticated attack does not affect the average user. But it had served authoritarian governments for spying on journalists, activists and opposing politicians, although the NSO Group has claimed to have sold the software only to governments with a virtuous past in human rights.
As it does not require any user action, this exploit remains anonymous and allows those who launched the spyware to monitor all smartphone activity. Vulnerabilities like these are rare but extremely dangerous: it is worth updating the device immediately, even if you are not under surveillance by any foreign government.
Apple is also working on further barriers against spiesware in the future aiOS 15 updates, in order to protect all users against these malicious software. In particular for activists, dissidents and journalists who oppose authoritarian regimes. Regimes to which NSO Group should not have sold Pegasus.