Apple urges users to update their devices after terrifying spyware was detected by a cyber-surveillance company on Monday, Sept. 13.
According to Reuters, Internet security watchdog group Citizen Lab was the first to identify the flaw, which allows hackers to access devices through the iMessage service even if the user does not click on any link or file,
“The user sees crickets while their iPhone is silently exploited,” said John Scott-Railton, a senior researcher at The Citizen Lab, according to NBC News. “Someone sends you a GIF that isn’t, and then you’re in trouble. That’s it. You don’t see a thing.”
The news media noted that the vulnerability is present among all versions of Apple’s iOS, OSX, and watchOS.
Apple had quickly launched a new software update on Monday, removing the security hole, and users are advised to update their devices to iOS 14.8 and iPadOS 14.8 for protection.
Security experts observed that the spyware would most likely be used against specific individuals, meaning most Apple users do not need to worry that they have been hacked.
“Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals,” said Ivan Krstić, head of Apple Security Engineering and Architecture in a statement.
The spyware with such advanced technology was developed by NSO Group, an Israeli firm that hacks devices on request, Citizen Lab alleged.
The NSO Group had not either rejected or confirmed that they were behind the spyware.
For years, NSO Group had insisted that their products were devised to help legitimate governments tackle terrorists and other criminals and decline any allegations they would allow wrongful use of their software against innocent people.
But recently, their prominent product, Pegasus, was reported to have been used by authoritarian governments against people that were not criminals, including rights activists, journalists, ministers, opposition leaders, the legal community, business people, government officials, scientists, and others.
NBC News noted that Citizen Lab had repeatedly discovered Mexican journalists that probed cartels and Saudi Arabian dissidents, including colleagues of deceased Washington Post columnist Jamal Khashoggi, were subjected to Pegasus.
With the new updates already in place to counter the “zero-click” spyware, Krstić said Apple would “continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data,” per Reuters.
“But what we know is NSO is always trying to find other ways to infect people’s phones, and they may turn to something else,” he admitted with NBC News.