IPhones Vulnerable To "Zero-Click" Pegasus Hack
After turning the heads of all major government and non-government entities across the world, Pegasus is far from finished as a group of tech researchers claimed that even the latest iPhones are not safe from the software’s latest “zero-click” hack variant.
In a report published by TechCrunch, a Toronto-based team of tech-security researchers named Citizen Lab has found out that even the latest iOS variants, the iOS 14.4 and 14.6, supposed to ensure user security, are not safe from the latest Pegasus variant.
Through an investigation of a Bahraini human rights activist’s iPhone 12 Pro, the watchdog revealed that the software has been taping the phone since February. This new variant is called “Zero-click” as it doesn’t require any user activity to tap into the phone using a previously unknown iMessage glitch. iOS 14, as claimed by Apple Inc. (AAPL), is supposed to be capable of any such data breach, justifying its name, BlastDoor. According to the wire, Pegasus can bypass the firewalls of the system and exploit the user data. Even the latest iOS update, 14.7.1 is yet to prove if it can bridge the gap and counter the hackers.
Tuesday, the Chief Security Engineer of Apple, Ivan Krstic, said, “Apple unequivocally condemns cyberattacks against journalists, human rights activists, and others seeking to make the world a better place … Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life and are used to target specific individuals.”
Krstic added, “While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data.”
According to the company, iOS 15 will be released with tighter security, but if it has resolved the issue that Pegasus is exploiting, is yet to be confirmed. As iOS 15 is already riddled with the CSAM (Child Sexual Abuse Material) filtration system, which has already posed multiple risks to user data security, it might just be a matter of the authorities switching from Pegasus to Apple itself to peek into the users’ phones.
Source: Read Full Article