A human rights lawyer raised the alarm over a flaw in Apple’s iOS software after receiving anonymous text messages that could have compromised his phone’s security.
Advertisement
The malware exploited three different unknown vulnerabilities in Apple’s iOS operating system which would have allowed the attackers to gain full control of Mansoor’s iPhone. Citizen Lab and Lookout discovered the malware product after Ahmed Mansoor, a human rights defender from the United Arab Emirates (UAE), received standard text messages on his iPhone that offered “new secrets” about prisoners being tortured in UAE jails.
Apple and Lookout worked together on a fix for Pegasus and the technology giant has issued iOS 9.3.5 which can be downloaded now. Every phone call, every piece of data would be sent to someone using this software, who could track your location, turn on your microphone, turn on your camera.
The update follows research from a German university showing that iOS is host to a number of security vulnerabilities that could leave millions of iPhones and iPads open to attack.
The researchers say they believe the spyware involved was created by NSO Group, an Israeli “cyber-war” company.
“The threat actor has never been caught before”, Mike Murray, a researcher with Lookout, told the Associated Press.
The program could also record messages from Facebook’s (FB) WhatsApp and listen to Viber calls while also tracking Mansoor’s movement. Simply go to Settings General Software Update and the update should be ready for you to download.
Advertisement
Zero-day attacks are previously unknown software vulnerabilities that are already being exploited by hackers even before the software makers are made aware of them. Two weeks ago the human rights activist, received two odd text messages with links to websites. The Citizens Lab is calling the new exploit Trident. The latest exploit, though, might mark the first time the action of major active exploits was captured and thoroughly documented.
