• Sat. Sep 18th ,2021

Apple releases emergency security patch to block zero click spyware

By   Sumit Horo

Date: Sep 15, 2021

Apple Inc., the American multinational smartphone manufacturer, has reportedly rolled out an emergency software update to patch a security flaw after it was discovered that it allowed a prominent spyware, associated with the infamous Israel-based NSO Group, to infect a Mac computer, iPhone, or Apple Watch without the user having to interact with the device.

According to reliable sources, the malware was discovered on the phone of a yet unidentified Saudi Arabian activist by Citizen Lab, a Canadian internet security monitor.

This is the first time a "zero-click" security flaw has been discovered and analyzed. This exploit allows an attacker to effectively hack a device without needing the victim to click on anything, this means that there was virtually no chance to detect the cyberattack.

The phone is believed to have been hacked in February, but the researchers detected the dangerous malware on September 7 and promptly notified Apple.

Ivan Krstic, the head of Apple's security engineering and architecture, stated that after identifying the security flaw utilized by the exploit for iMessage, Apple quickly created and rolled out a patch in iOS 14.8 to protect the company’s consumers.

Krstic also explained that these type of attacks are highly complex and require an immense amount of capital, usually in millions to develop. They also have a short lifespan and are utilized to target specific people.

While this means they do not pose a threat to the vast majority of Apple users, the firm continues to work diligently to safeguard all of its customers. Apple is continuously implementing additional security to users' devices and data.

Bill Marczak, a researcher at Citizen Lab, stated that there is a significant probability that the cyberattack was carried out by the Israeli surveillance company, NSO Group. However, it is not being necessarily attributed to the Government of Saudi Arabia.

According to credible sources, NSO neither confirmed nor refuted its involvement in the technique, simply stating that it will continue to deliver life-saving technology to law enforcement and intelligence organizations throughout the world in the fight against terrorism and crime.

Source credit: https://news.sky.com/story/apple-issues-emergency-software-update-after-discovery-of-zero-click-malware-12407471

Related Post

China orders Tencent and Alibaba to open their platform for each other

Parker-Hannifin nears Meggitt takeover after TransDigm pulls its bid

TikTok beats YouTube in terms of 'average watch time' in the US and UK