scorecardresearch
Pegasus attack: Working on adding protection, says Apple

Pegasus attack: Working on adding protection, says Apple

Cupertino giant Apple has condemned the cyberattack, citing Pegasus-like attacks to be highly sophisticated and often targeted at individuals. In addition, Apple is constantly adding new protection

The Pegasus attack is believed to have exploited Apple's iMessage (Source: Reuters) The Pegasus attack is believed to have exploited Apple's iMessage (Source: Reuters)

Considered to be the most secure mobile platform after BlackBerry OS, Apple's iOS platform too is being reported to be attacked by Pegasus spyware.The Pegasus attack is believed to have exploited Apple's iMessage. Cupertino giant Apple has condemned the cyberattack, citing Pegasus-like attacks to be highly sophisticated and often targeted at individuals. In addition, Apple is constantly adding new protection.

Ivan Krstic, head of Apple Security Engineering and Architecture said, "Apple unequivocally condemns cyberattacks against journalists, human rights activists, and others seeking to make the world a better place. For over a decade, Apple has led the industry in security innovation and, as a result, security researchers agree iPhone is the safest, most secure consumer mobile device on the market."

Amnesty International conducted analysis of several devices that reveal traces of attacks similar to those we observed in 2019. These attacks have been observed as recently as July 2021. Amnesty International believes Pegasus is currently being delivered through zero-click exploits which remain functional through the latest available version of iOS as of July 18, 2021.

According to Amnesty International's 'Forensic Methodology Report' these also include so-called "zero-click" attacks which do not require any interaction from the target. Zero-click attacks have been observed since May 2018 and continue until now. Most recently, a successful "zero-click" attack has been observed exploiting multiple zero-days to attack a fully patched iPhone 12 running iOS 14.6 in July 2021.

"Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals. While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data," adds Ivan Krstic.

Contrary to the reports that Pegasus does not leave any traces, Amnesty International's Security Lab has performed in-depth forensic analysis of numerous mobile devices from human rights defenders (HRDs) and journalists around the world and has documented forensic traces left on iOS and Android devices following targeting with the Pegasus spyware.

Pegasus Spyware developed by NSO Group, an Israeli company, first came to the limelight in 2016, when an Arab activist got suspicious after receiving a shady message. On July 18 2021, a number of news websites, including the Washington Post and the Guardian, published a fresh set of reports based on research carried out by Amnesty International suggesting Pegasus continues to be in use and over 10 countries, including India, are using this spyware to scoop data from the phones of thousands of people.

Also Read: Pegasus updated guide: How it infects phones, what it does, how to detect and get rid of it

Also Read: Pegasus spying: how Pegasus is installed on phone, what it does, and how to get rid of it