MobileNews

Apple defends iPhone security amid NSO’s Pegasus zero-click iMessage exploit

Over the weekend, an explosive report from Amnesty International detailed targeted attacks towards target human rights activists, lawyers, and journalists using Apple’s iMessage system as a vector by which to deliver the zero-click attacks. In a new statement provided to the Washington Post, Apple defended its security practices and said it leads the industry in security innovation.

As we detailed earlier today, a report from Amnesty International interpreted device logs to reveal the scope of targeted malware attacks in active use. The report detailed that the Israeli firm NSO Group has sold multiple attacks known as ‘Pegasus’ over the years, adapting as Apple fixed each security bug. For instance, in 2019, there was a vulnerability in Apple Photos, followed by an iMessage zero-click, followed by Apple Music in 2020.

And fast forwarding to the present day, Amnesty believes Pegasus spyware is currently being delivered using a zero-click iMessage exploit that works against iPhone and iPad devices running iOS 14.6. The exploit also appeared to successfully work against iPhones running iOS 14.3 and iOS 14.4.

Today’s report from the Washington Post includes a comment from Ivan Krstić, head of Apple Security Engineering and Architecture. Krstić says that Apple “unequivocally condemns cyberattacks against journalists, human rights activists, and others seeking to make the world a better place.” He also notes that attacks such as the ones detailed by the Amnesty International report are incredibly sophisticated and are not a threat to the “overwhelming majority” of iPhone users.

The full statement is as follows:

“Apple unequivocally condemns cyberattacks against journalists, human rights activists, and others seeking to make the world a better place. For over a decade, Apple has led the industry in security innovation and, as a result, security researchers agree iPhone is the safest, most secure consumer mobile device on the market. Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals. While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data.”

For more details on the active zero-click iMessage exploit being sold as Pegasus, check out our full coverage from this morning right here.


Check out 9to5Mac on YouTube for more Apple news:

Check out the latest Apple iPhones at great prices from Gizmofashion – our recommended retail partner.


Author: Chance Miller
Source: 9TO5Google

Related posts
AI & RoboticsNews

Nvidia and DataStax just made generative AI smarter and leaner — here’s how

AI & RoboticsNews

OpenAI opens up its most powerful model, o1, to third-party developers

AI & RoboticsNews

UAE’s Falcon 3 challenges open-source leaders amid surging demand for small AI models

DefenseNews

Army, Navy conduct key hypersonic missile test

Sign up for our Newsletter and
stay informed!