Amnesty International has lifted the lid on a long-running iOS exploit that allows users of spyware known as “Pegasus” to hack private data found on iPhones, iPads, and reportedly even iCloud.
The spyware, created by NSO Group, has been around since 2014 and adapts with every iOS update to take advantage of new exploits. The team seems to be capable of finding ways around every bug fix Apple lays down. When a security hole is plugged, a new one is usually found soon after, although some versions of iOS have been more successful than others at keeping Pegasus out.
Since 2018, Pegasus has occasionally been capable of “zero-click” attacks that can install spyware without any user interaction at all – a scary prospect. A zero-click exploit has even been found working on iOS 14.6, Apple’s latest release.
The good news for most of you reading this is you are very unlikely to be targeted. This is high-level, high-cost spy software sold primarily to governments. It’s not typically used to track random people. The bad news is that it’s reportedly being used to undertake “widespread, persistent and ongoing unlawful surveillance and human rights abuses” all around the world.
In particular, various governments have used Pegasus to obtain private data about human rights defenders, journalists, and lawyers. It’s not clear which governments around the world are guilty of this kind of hacking.
NSO Group says its software is only used to find terrorists and solve crimes. While it’s almost certainly true that Pegasus is used in this way, it’s clear from the report that far more nefarious uses are extremely common.
In order to combat these attacks, Amnesty has released a free and open forensics tool along with instructions to help security teams detect threats and deal with them. Here’s hoping it makes a difference, as it doesn’t look like there’s much we can do about it on an individual level until Apple beefs up security even further.