This is a MUST for iPhone users.
Apple has issued a global update of iOS, its mobile operating system, following the discovery of an established private cyberarms dealer that found a way to hack every iPhone worlwide.
It was learned that hackers from NSO Group, an Israeli company, developed a sophisticated piece of malware that exploited three previously unknown vulnerabilities in Apple’s iOS. Thus, Apple developed a patch with its latest iOS update, which iPhone users need to download immediately.
“We were made aware of this vulnerability and immediately fixed it with iOS 9.3.5. We advise all of our customers to always download the latest version of iOS to protect themselves against potential security exploits,” a spokesman told AP.
Citizen Lab and mobile security company, Lookout, said that this is unprecedented. Lookout vice president of research, Mike Murray, told Motherboard that the hack was “a remote jailbreak — the process of removing software restrictions imposed by iOS.”
“We realised that we were looking at something that no one had ever seen in the wild before. Literally a click on a link to jailbreak an iPhone in one step. [It is] one of the most sophisticated pieces of cyberespionage software we’ve ever seen,” he said.
Mr Murray said the malware, codenamed Pegasus, gave attackers full control of the smartphone.
“It basically steals all the information on your phone, it intercepts every call, it intercepts every text message, it steals all the emails, the contacts, the FaceTime calls.
“It also basically backdoors every communications mechanism you have on the phone.
“It steals all the information in the Gmail app, all the Facebook messages, all the Facebook information, your Facebook contacts, everything from Skype, WhatsApp, Viber, WeChat, Telegram — you name it,” he said.
The NSO Group, which was established in 2010, has become notorious for selling its sophisticated malware to governments, working in stealth, and operating without any web presence other than a LinkedIn profile.
Citizen Lab researcher Bill Marczak told Wired that this is the first time any security researcher has ever gotten a copy of NSO Group’s spyware and been able to “reverse engineer it.”
The threat was found when human rights activist from the United Arab Emirates, Ahmed Mansoor, received a text message offering “new secrets about torture of Emiratis in state prisons” with a link from an unknown number. Mr Mansoor then flagged the message with Citizen Lab.
However, the NSO Group won’t be able to use this particular attack on updated iPhones, but it’s likely that another will come up soon.
To update your iPhone go to Settings>General>Software Update.