The Citizen Lab laboratory has discovered a dangerous vulnerability in the latest version of the iOS operating system, which can be exploited by NSO Group software. The exploit could have been used to infect an iPhone and inject the Pegasus program into the phone.
Another iOS vulnerability. iPhones were vulnerable to Pegasus
According to Citizen Lab, the vulnerability was found in the latest version of iOS (16.6), and the phone was infected without any interaction from the victim. The zero-click bug was said to be “actively exploited” by the Israeli company NSO Group to introduce the Pegasus software.
The attack started with sending a message to the victim’s iMessage containing an infected image file. Pegasus was introduced using an “exploit chain” (an exploit is a small program that takes advantage of software bugs) called BLASTPASS and this process was in no way intended to alert the phone user to a threat. Citizen Lab informs that soon more information on how these exploits work.
You can defend yourself. Citizen Lab encourages iPhone security
Immediately after detecting the threat, Citizen Lab disclosed its findings to Apple. The American giant has already released two patches (CVE-2023-41064 and CVE-2023-41061) to prevent the exploit chain from being used to infect victims’ phones. The lab encourages iPhone owners to update their smartphones’ iOS as soon as possible.
Citizen Lab also encourages those at increased risk of Pegasus surveillance to enable Lockdown Mode on their devices. It blocks e.g. contacting strangers via iMessage. Together with Apple, we have been able to determine that enabling this protection blocks this attack.
“We encourage anyone who may be at increased risk due to who they are or what they do to turn on Lockdown Mode. We believe, and Apple’s security team has confirmed to us, that Lockdown Mode blocks this particular attack.” – Citizen lab.
among others KO senator Krzysztof Brejza, attorney Roman Giertych and prosecutor Ewa Wrzosek and detected traces of the existence of Pegasus software on them. It is also known that
Source: Gazeta
Mabel is a talented author and journalist with a passion for all things technology. As an experienced writer for the 247 News Agency, she has established a reputation for her in-depth reporting and expert analysis on the latest developments in the tech industry.
