“We advise all of our customers to always download the latest version of iOS to protect themselves against potential security exploits”, said Fred Sainz, an Apple spokesman.
Advertisement
The Pegasus spyware can access mobile devices’ messages, calls, emails, Global Positioning System location, logs, calendar data, contact lists, passwords and other information from apps including Gmail, Facebook, Skype and FaceTime.
If you own an iPhone, update it right now even as you read this article because it can be hacked using three zero-days.
According to Fox News, Mansoor in an interview in downtown Ajman, United Arab Emirates said “It feels really good”, and he added that developments “could save hundreds of people from being targets”.
After receiving a suspicious text with a link, he reported the matter to the University of Toronto’s Citizen Lab, which worked in conjunction with the San Francisco-based mobile security firm Lookout to research the affair, USA Today reported.
Mansoor received several text messages earlier this month that contained links promising information about prisoners being illegally tortured.
The researchers alerted Apple to the vulnerability a week and a half ago.
As soon as Citizen Lab discovered the hack, they notified Apple and the tech giant quickly developed an update to address it.
Their report into the incident indicated that the NSO Group, an Israeli company with a reputation for flying under the radar, were most likely the authors of the spyware.
Citizen Lab then teamed up with Lookout to reveal that the links led to the zero-day three-step exploit chain that would have jailbroken Mansoor’s iPhone and installed the sophisticated spying malware Pegasus.
Advertisement
Tools such as that used by NSO to remotely exploit a current iPhone cost as much as $1 million, according to Reuters. The update has been released over-the-air (OTA) and is a very small one weighing just about 40MB depending upon your device.
