According to research published on Sunday by Amnesty International, Apple iPhones can hack. Their sensitive data steal using hacking software that does not require the user to click on a link. Amnesty International reported that iPhones belonging to journalists and human rights attorneys infected with NSO Group’s Pegasus virus give the attacker access to the phone’s messages, emails, microphone, and camera.
According to the discovery, countries utilizing NSO Group software have successfully hacked iPhones to spy on user data using ways unknown to Apple. Even keeping an iPhone up to date won’t stop a devoted attacker from using pricey and covert spy tools.
Changes in user behaviour, such as avoiding clicking on unknown or phishing links in messages, may not be enough to protect iPhone users from NSO’s malware, given the nature of the attacks. According to Amnesty International, previous versions of Pegasus needed the user to click a malicious link in a message.
NSO Group is an Israeli company that claims to sell to verified government and law enforcement agencies. According to them, their product is used to prevent terrorism, automobile explosions, sex and drug trafficking, gangs.
Amnesty International discovered proof of a hack in an iPhone 12, the most recent iPhone model running iOS 14.6. That is to say, it was the most current version before Apple released iOS 14.7 on Monday. However, no security details have to disclose that could indicate whether the weaknesses discovered by Amnesty International resolving.
Amnesty International discovered a leaked list of 50,000 phone numbers that NSO Group’s espionage software could have hacked. It found evidence that NSO Group malware was also targeting Android smartphones, but it couldn’t study them the same way as the iPhones.
The most efficient strategy to avoid malware, according to security experts, is to keep devices updated with the latest software. This, however, needs the device maker to be aware of the weaknesses that the attackers are exploiting. If they’re “0days,” as NSO Group claims, it means Apple hasn’t been able to patch the flaws yet. It will no longer be a zero-day exploit until Apple fixes it, and users can protect themselves by updating to the most recent version of the operating system.
That means NSO Group’s software might cease working. Alternatively, they might lose the capacity to target up-to-date phones as soon as Apple resolves the exploits. According to Apple, these happen as soon as they become aware of such an attack.
Apple has made security and privacy a core marketing strategy, claiming that its control of the operating system and the hardware that runs it allows it to provide a higher level of security and privacy than competing devices.
According to the company, Apple’s security team is four times larger than five years ago. Employees try to improve device security as soon as new threats had discovered. Apple posts security fixes on its website for each software update. Additionally, they categorize them with industry-standard “CVE” numbers and recognizing security researchers who find them.
According to Amnesty International, NSO Group’s malware does not stay on an iPhone after rebooting, making it difficult to confirm if it has infected. Users who are concerned about being targeted should reboot their devices frequently, according to the report.
Other technological firms view NSO Group’s operations as unacceptably risky and a security risk to their customers. WhatsApp, a Facebook subsidiary, sued NSO Group last year over an alleged WhatsApp hack. Third parties, including Microsoft, Google, Cisco, and others, stated NSO Group had broken US laws and didn’t deserve immunity in a court filing from December as part of that case.