If you are a regular reader of Techzim or just love to read and know about tech then you are probably familiar with the Israeli company known as NSO Group. No? This security company has a product known as the Pegasus suite which it sells to governments and authorities around the world. The software allows the buyers to hack into your phone as easily as a hot knife cuts through butter.
It doesn’t matter what Operating system your phone has, the group is constantly on the hunt for new zero-day vulnerabilities. The list of vulnerable Apple devices includes Apple’s iPhones, iPad, Apple Macs and it seems even the Apple watch. This has led to a game of cat and mouse with Apple patching vulnerabilities and the NSO group hunting for new ones.
Recently Apple became aware of a new so-called “zero-click” vulnerability that the NSO Group was exploiting. A zero-click vulnerability is one that allows the attacker to infect or take over control of your phone without requiring/tricking you as a user to click on an infected link. It means your phone could be attacked silently without you being none the wiser making this a very serious flaw.
The zero-click exploit was christened “Forcedentry” by the security researchers who found it. The researchers found out that phones belonging to journalists and individuals considered dissidents in their repressive countries had been infected by the NSO group’s Pegasus software sparking a global outcry.
If you have an Apple device you need to update it now
If you have an Apple device you need to update it as soon as possible as the exploit has now been publicised. You might have been safe during the time when it was deployed by the NSO Group’s Pegasus software whose clients tend to target specific individuals but now that other hackers out there know about the exploit you can expect to see an uptick in groups using the exploit.
These groups would naturally be motivated by other factors that will make them attack indiscriminately without confining themselves to specific targets such as journalists and dissidents. Most would be motivated by profit and can leverage this flaw to gain control of your phone, iPad, computer or watch.
And the chase goes on
As for Apple and the NSO groups game of cat and mouse. It goes on. You can bet that the NSO group, motivated by the bucket loads of money they make by finding and exploiting flaws, is already on the hunt or even in possession of other unknown flaws and zero-days in Apple’s products.