Apple closes vulnerability that left devices vulnerable to viewers

Apple calls on users of its phones, laptops, iPads, and watches to install an instant security update. The update prevents spyware from the NSO Group, an Israeli software developer, from being deployed.

In July it was announced that the NSO Groups Pegasus software is being used worldwide to hack journalists, human rights activists and lawyers. If a phone is infected, the perpetrators can steal files as photos and emails. Microphone and camera can also be switched on remotely.

Research by The Citizen Lab of the University of Toronto revealed that the malware can be put on Apple devices via the iMessage app. Employees found out when investigating the phone of a Saudi activist, who was also infected. As far as The Citizen Lab could tell, the leak in the app was first abused in February.

NSO Group

The NSO Group is an Israeli company that specializes in spy software. Customers are intelligence and investigation services and armies in forty countries, including Rwanda, India, Bahrain, Saudi Arabia and Azerbaijan. According to the media that published about the leak, Hungarian Prime Minister Orbán has also made use of it. NSO says the spyware is meant to fight terrorism and crime, not to help violate human rights.

1.6 billion vulnerable Apple devices are in circulation worldwide. Not every Apple user is now targeted immediately. Developing this software is very complicated and costs millions of dollars, says Apple. Often this type of software is useful for a short period of time and is targeted against certain people. That means, according to Apple, the vast majority of users are not at risk.