ReutersAn Israel-based cyber surveillance company developed a tool to hack into Apple iPhones with a never-before-seen technique that has been in use since February, Internet security watchdog Citizen Lab said on Monday.
The discovery is important because of the critical nature of the vulnerability, which does not require any user interaction and affects all versions of Apple’s iOS, OSX, and watchOS except those updated on Monday.
Malware developed by the Israeli firm NSO Group violates the security systems designed by Apple in recent years.
Apple said it had fixed the vulnerability in Monday’s software update, confirming Citizen Lab’s finding https://citizenlab.ca/2021/09/forcedentry-nso-group-imessage-zero-click-exploit-captured-in -the-wild.
An Apple spokesperson declined to comment on whether the hacking technique came from the NSO Group. A spokesperson for the Israeli company did not immediately respond to a request for comment.
Read: Apple confirms presentation date of iPhone 13
Citizen Lab said it had found the malware on the phone of an unidentified Saudi activist and that the phone had been infected with spyware in February. It is unknown how many other users’ phones may have been infected.
People wouldn’t have to open anything for the attack to work. Investigators said they did not believe there was any visible indication that a hack had occurred.
The vulnerability lies in the way iMessage automatically renders images. IMessage has come under repeated attacks by the NSO and other cyber weapons dealers, prompting Apple to update its architecture, but the renovation has not fully protected the system.
“The most popular chat applications run the risk of becoming the weak point of device security. Securing them should be a priority, ”said John Scott-Railton, a Citizen Lab researcher.
Subscribe to Forbes Mexico