It has been reported that under iOS devices have three weaknesses that cause you can install a malware and thus take control of the device. Such malware is installed through a simple message with a link, which when clicking will open the door for someone to have access to our calls, messages, emails and all information we have stored on the device.
Apple has already released the updated iOS 9.3.5 coming to solve the serious security flaw, which was detected last August 11 when they tried to spy on activist Middle East. Why Apple is asking all owners of a device iOS upgrade to the new version as soon as possible.
How does it work and how this malware was discovered?
According to the information, these three vulnerabilities were exploited by the group of Israeli NSO Group espionage, and is very similar to what happens with the jailbreak, which releases the device to external sources can install applications and modify parameters mechanism operating, the difference here is that openness gives access to all the information terminal.
It all started when Ahmed Mansoor, an activist for human rights in the United Arab Emirates and who has been spied on several occasions, received last August 10 a text message on your iPhone that promised information about cases of torture in prisons in their country, closing message with a link that supposedly would give access to information.
A Mansoor seemed suspect the message and decided not to open the link. Later he went to Citizen Lab, a group of Internet surveillance based in San Francisco, who along with the security group Lookout, located at the University of the Munk School of Global Toronto Affairs, confirmed that the iPhone could be fully committed to only open that link.
The malware is actually a sophisticated highly sought after in the world of cyber espionage since late 2015, which is known as “Pegasus”, which various governments and institutions offered a million dollars, and apparently, it served to spy on citizens and various public figures.
You may also like to read another article on Lab-Soft: iPhone SE, how much are you willing to pay for an iPhone
“Pegasus” a sophisticated spy tool
Pegasus is able to intercept phone calls, text messages and iMessages, receive live video applications such as FaceTime and Skype, access emails complete with attachments, activate cameras and microphones remotely and empty all the information contained in the device.
Lookout says that Pegasus is the most advanced spy software that been detected, plus it can be customized to crawl only some elements periodically and send the information automatically from time to time; all information travels with a strong encryption makes it impossible to detect the spy and capture information while traveling.
But most worrying of all is that there are indications that Pegasus has existed since iOS 7, which could mean that this spy software has gone unnoticed for several years.
Apple has said that the vulnerabilities have been corrected, something they have worked since Citizen Lab Lookout and told them the details of the failure, so the version 9.3.5 of iOS is solving all the risks associated with Pegasus tool.
On the other hand, NSO Group has also come to make statements, without claiming responsibility for Pegusus, where they have only mentioned that its mission is to provide authorized technology to help them combat terrorism and crime governments.
With this discovery is opening a new possibility of leaving names of governments and institutions that have made use of this tool, so this is just beginning and aims to get even more interesting.