Pegasus spyware can jailbreak and hack any iPhone with an SMS, Apple issues iOS 9.3.5 update to patch exploit

‘Pegasus’ was used by the UAE government, among others, to target perceived enemies including dissidents or people like activists, journalists, and human rights workers. Here’s everything you need to know about one of the most sophisticated attacks designed by cyber criminals for iOS devices.

iOS 9.3.5 update

Apple has always been very upfront about protecting its users’ privacy over government requests to create backdoors in iOS that would let them access data stored in iPhones retrieved from suspects. We have seen how aggressively Apple stood against the FBI and the United States Department of Justice when the FBI asked the company to create software that would help them access data stored in the iPhone belonging to the deadly San Bernardino shooter. However, researchers have now found one of the most sophisticated iOS hacks, which used three unknown zero-day vulnerabilities that could allow governments and cyber criminals to jailbreak and gain access to any iOS device with just one click of a link.

Shortly after releasing iOS 9.3.4, Apple has now rolled out the iOS 9.3.5 update to supported iPhones and iPads. The new version comes with an “important security update” to fix the vulnerabilities that were used by ‘Pegasus’, the tool developed to hack any iPhone remotely. The tool allowed cybercriminals to remotely install advanced and sophisticated spyware on iOS devices and use it to secretly track data and even take photos. This was first found by research firms Citizen Lab and Lookout, which claimed the flaw used three critical iOS zero-day vulnerabilities capable of breaching Apple’s much-talked-about strong security environment. The two organizations worked with Apple to get the three vulnerabilities, dubbed Trident, fixed with the iOS 9.3.5 update.

The security firms further reveal that the latest vulnerability, Trident, used a spyware product called Pegasus. According to a probe conducted by Citizen Lab, the spyware product was developed by an organization called NSO Group. This Israel-based group, acquired by US company Francisco Partners Management in 2010, is known for specializing in cyber warfare. The group reportedly sells Pegasus as a government-exclusive “lawful intercept” spyware product. In simpler words, the spyware could allow the authorities to keep track of all of a user’s online activities. It’s pointed out that the product used advanced hacking methods and was highly valuable; in fact, the group sold 300 licenses for about $8 million. The spyware was reportedly used for high-value targets. According to reports, the NSO Group has partnerships with several Israeli surveillance firms as they look to sell their spy kit across the world.

The firms first came across Pegasus when Ahmed Mansoor, a UAE-based human rights activist, received text messages on his phone on August 10 and August 11 that claimed to provide “new secrets” about the human rights crisis in UAE jails. To get the information, one had to click on the link mentioned in the text message. Instead of clicking the link, he sent the message to these security firms, which later found out about the major exploit.

According to the research firms, the latest discovery reveals how governments could digitally harass dissidents or people like activists, journalists, and human rights workers.

What Pegasus actually does

The spyware uses the traditional phishing method, which involves sending a text message with a link. In the case of Pegasus, the link stealthily installs the spyware on the device and targets the existing vulnerabilities. Pegasus is capable of logging data from messages, calls, emails, logs, and more from apps including Gmail, Facebook, Skype, WhatsApp, Viber, FaceTime, Calendar, Line, Mail.Ru, WeChat, SS, Tango, and other most-used applications on a device. After gaining access, details from calls, messages and contacts are copied and sent to the hacker. The spyware is even capable of launching the iPhone’s cameras and microphone to capture events taking place around the device. The spyware is so sophisticated that the user never finds out that his device has been compromised. In fact, it could update itself whenever the exploit in the device becomes obsolete, and continue to exploit new vulnerabilities.

How to get iOS 9.3.5

Apple has released the iOS 9.3.5 update, which fixes the vulnerabilities that Pegasus uses, for iPhones and iPads running iOS 9, including the iPhone 4S and above, iPad 2 and above, all the iPad Minis and iPad Pros, and even the fifth and sixth generation iPod touch. To get the update, go to Settings > General > Software Update and tap on the update. It’s 40MB in size and is a highly critical one, so ideally you should not wait for a Wi-Fi connection.


  • Published Date: August 26, 2016 11:47 AM IST