Amnesty International on Sunday detailed highly-targeted attacks towards specific human rights lawyers, journalists, and/or activists using Apple’s iMessage to deliver the targeted zero-click attacks. Apple provided a statement to The Washington Post.The attack is sold by Israeli firm NSO Group as “Pegasus.”
Amnesty believes Pegasus spyware is currently being delivered using a zero-click iMessage exploit that works against iPhone and iPad devices running iOS 14.6. The exploit also appeared to successfully work against iPhones running iOS 14.3 and iOS 14.4.
Ivan Krstić, head of Apple Security Engineering and Architecture, has commented on the matter.
Apple unequivocally condemns cyberattacks against journalists, human rights activists, and others seeking to make the world a better place. For over a decade, Apple has led the industry in security innovation and, as a result, security researchers agree iPhone is the safest, most secure consumer mobile device on the market. Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals. While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data.
MacDailyNews Take: Further bolstering of iMessage security coming soon, we imagine – if they haven’t already begin to arrive with Monday’s release of iOS 14.7 and iPadOS 14.7.