Recently a private cyber-arms dealer discovered a way to hack the iPhone using sophisticated malware. So the users of iPhone are recommended to update their smartphones.
The ‘world first’ malware was made by Israel-based NSO group. This malware exploited three iOS vulnerabilities that were previously unknown. This tool from NSO Group transforms the phone into a surveillance device. It tracks its movements, logs messages and retrieves personal information. Moreover, it enables hackers to access passwords and record sounds.
In order to remove the flaws, Apple Inc. released patches and the company has urged its customers to update their handsets. A representative from Apple said “We were made aware of this vulnerability and immediately fixed it with iOS 9.3.5,” and added “We advise all of our customers to always download the latest version of iOS to protect themselves against potential security exploits.”
The company also stated that most of iPhone owners are currently using iOS 9 while the devices with iOS 10 beta are safe.
In order to get the patch update, simple attach the phone to power and connect to internet with a stable connection. Then navigate to Settings, General, Software Update.
The report from Citizen Lab and Lookout security gave details about the malware. Mr. Mike Murray, Lookout vice president of research, declared that the NSO software ‘Pegasus’ is “the most professional piece of spyware that I’ve ever seen.”
Giving some more details, Murray told The Wall Street Journal that the tool works stealthily so that it does not drain much battery and speeds up its data transfer on Wi-Fi networks.
In the field of cyberwarfare, NSO has billed itself as the leading company offering software for governments to watch criminals and terrorists who utilize encrypted communication technologies. A report published on Thursday provides the first detailed look of company’s capabilities.
In an interview in 2013 given to Defense News, NSO co-founder Omri Lavie said “We’re a complete ghost,” and added “We’re totally transparent to the target, and we leave no traces”.
Apart from this, the company is also capable of installing unauthorised software on Android, iPhone and BlackBerry devices.
The experts highlighted the strange way that Pegasus gets installed on a device, taking advantage of the three security flaws present in iOS to “jailbreak” the phone in a stealthy manner and beat the requirement that only Apple-approved software could be installed on the phone.
According to Murray, previously researchers had described this sort of one-click iPhone targeting but was never seen in a real-world attack.