Authored by a Symantec employee
Cyber espionage, also known as cyber spying, is grabbing a lot of headlines lately. The most recent incident affects Apple’s iOS. Researchers at Citizen Lab have discovered that a highly sophisticated cyber espionage group has deployed a very rare, advanced form of spyware, which can break an iPhone wide open.
The good news- Apple has already pushed out the update to fix three vulnerabilities, that when combined, lead to compromise of an iOS device. If you haven’t already, you should update your software immediately.
Additionally, this particular spyware was aimed solely at a UAE human rights defender and is not confirmed to be affecting regular users. This is one of the most complicated pieces of iOS spyware seen in the wild. The company that released the spyware specializes in creating mobile cyber espionage tools, and then sells them to other agencies as well as governments in order to perform spying and surveillance.
How Does it Work?
The spyware, known as Pegasus, is distributed by sending a link to a malicious website via text message. Clicking on the link leads to the exploit chain, which is what leads to the malware being installed. In turn, it completely opens up the phone to the attackers, giving them access to everything on the device-microphone, voice calls, emails- you name it. In addition to giving the attackers access to the phone’s data, it can also access the GPS in order to track the target’s movements.
These types of “cyber weapons” have been around for a while now, and it was just a matter of time before they hit iOS. Anything with an Internet connection, no matter who the manufacturer is, can become vulnerable in this day in age. Fortunately, Apple has rushed to patch this issue, which goes to show how critical it is to perform software updates as soon as they become available.
Disclaimers and references:
Symantec Corporation, the world’s leading cyber security company, allows organizations, governments, and people to secure their most important data wherever it lives. More than 50 million people and families rely on Symantec’s Norton and LifeLock comprehensive digital safety platform to help protect their personal information, devices, home networks, and identities.
© 2018 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, Norton, Norton by Symantec, LifeLock, and the Lockman Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Google Chrome is a trademark of Google, Inc. Mac, iPhone