Apple’s iPhones running the latest version of iOS (16.6) had a weakness, or flaw, that allowed the infamous Pegasus spyware to infiltrate the device, without any interaction from the victim, researchers at digital watchdog Citizen Lab have said.
The spyware has been linked to Israeli firm NSO, which exploited the newly discovered flaw in Apple devices.
The digital watchdog came across the spyware and the underlying vulnerability in the iPhone while inspecting the device of an employee of a Washington-based civil society group last week.
Citizen Lab said in a statement that it found the flaw had been used to infect the device with NSO’s Pegasus spyware.
“We attribute the exploit to NSO Group’s Pegasus spyware with high confidence, based on forensics we have from the target device,” said Bill Marczak, senior researcher at Citizen Lab, which is based at the University of Toronto’s Munk School of Global Affairs and Public Policy.
Marczak said that the attacker likely made a mistake during the installation which is how Citizen Lab found the spyware
While the new iOS update fixes this vulnerability, Apple has also confirmed that using its high-security feature “Lockdown Mode” available on Apple devices blocks this particular attack.
At the moment, you shouldn’t be worried about this attack. All you need to do is update your Apple device to the latest iOS version.
After Citizen Lab reported the flaws, Apple issued new updates on its devices.
It should be noted that Pegasus and NSO came to light in 2021 after the spyware was used to conduct surveillance of world leaders, government officials, journalists, and businessmen.
Ever since its debut in 2007, Apple has been known for its robust security features that make its devices almost invincible against any type of virus threat, but once in a while, something like Pegasus slips in.
For reasons such as these, you should always keep your device, Apple or Android, updated to the latest software version available because a lot of time software manufacturers are aware of the vulnerabilities and patch it up through the update.