Apple has issued an emergency software update after security researchers discovered a flaw that enables highly invasive spyware.
Israeli NSO Group Infects anyone’s iPhone, iWatch, Mac computer without clicking.
Apple’s security team has been working on patches 24 hours a day since Tuesday.
Citizen Lab a cybersecurity watchdog organisation at the University of Toronto has discovered that a Saudi activist iPhone was infected with the spyware.
The spyware called Pegasus uses a new method of invisibly infecting Apple devices for six months without the victim’s knowledge.
Known as the “Zero-Click Remote Exploit,” this exploit is considered the Holy Grail of Surveillance because it allows governments, mercenaries, and criminals to secretly break into victims’ devices.
Pegasus uses a zero-click infection method to turn on the user’s camera and microphone, including messages, texts, emails, and calls (including those sent via phone apps such as encrypted messaging and Signal). )
“This spyware can do everything iPhone users can do with their devices,” said John-Scott Railton, senior researcher at Citizen Lab, who teamed up with Bill Marczak, senior researcher at Citizen Lab.
So far, victims have learned that their devices are infected with spyware only after receiving suspicious links sent in text messages to mobile phones and emails.