Apple reveal ‘Pegasus’ spyware infiltrated their devices

The ‘Pegasus’ spyware, used to hack deceased journalist Jamal Kashoggi, has been confirmed to exist in Apple devices – a new software update was released to counter the issue

On Monday (13 September) Apple released a software update, which contains fixes for the issue that Citizen Lab have brought to light. The NSO Group’s ‘Pegasus’ software has found a way to infiltrate Apple devices, leading to the urgency of the new software update.

Which devices are at risk?

According to Citizen’s Lab, Pegasus spyware found a weakness in Apple products such as iPhones, iPads, Apple Watch and Mac computers – which allowed hackers to infiltrate devices without requiring the user to click a link. In the past, the spyware needed a user to click a convincing link – then would have access to the camera, contacts list, texts, phone calls and user location.

The new update should patch the issue, leaving Apple devices protected against this advanced form of the spyware.

What is Pegasus?

The Pegasus software is described by the NSO Group as a security measure that Governments use to track and fight terrorist threats. The software has been sold to Saudi Arabia, the UAE, Morocco and Mexico, among others.

However, an investigation by Amnesty International in July, 2021, found that atleast 50,000 people were being tracked via the spyware – with politicians, activists and journalists on the list. In Mexico, atleast 24 activists are known to be under surveillance.

WhatsApp faced attack in 2019

This is not the first tech company to face an attack from the NSO Group’s software. Back in 2019, around 1,400 WhatsApp users were infiltrated with a phone call – that they did not need to answer. Since then, it seems that the software has evolved further to the point of infiltrating devices almost invisibly.

In an initial statement, WhatsApp said: “In May 2019 we stopped a highly sophisticated cyber attack that exploited our video calling system in order to send malware to the mobile devices of a number of WhatsApp users.

“The nature of the attack did not require targeted users to answer the calls they received.

“We quickly added new protections to our systems and issued an update to WhatsApp to help keep people safe. We are now taking additional action, based on what we have learned to date.”