Security researchers have identified a three-headed monster that could be used to record sounds, collect passwords, read text messages, record calls and track users. All iOS versions 9.3.4 and below are vulnerable.
The attack utilizes a mobile spyware product, ‘Pegasus,’ created by NSO Group — an Israeli cyber warfare company — designed to attack high-value targets. Using one of three known iOS 9.3.4 security vulnerabilities — dubbed ‘Trident’ — the exploit is capable of hijacking an iPhone or iPad with a single click.
According to Mike Murray, VP of Security Research and Response at cyber security firm Lookout:
“The Trident vulnerability chain is the first that anyone’s seen of a one-click remote jailbreak of an Apple device. It’s the smoking gun active mobile threat that we’ve always known existed but didn’t yet have proof of. This demonstrates that highly resourced actors see the mobile platform as a fertile target for gathering information about targets and regularly exploit the mobile environment for this purpose.”
Unfortunately, the vulnerabilities are more than a month old at this point, so it’s unclear how widespread the damage is. Security researchers at Citizen Lab and Lookout worked directly with Apple to identify the vulnerabilities and push an emergency patch to close them.
What is Pegasus?
Pegasus is a sophisticated attack that uses three vulnerabilities in the iOS software, collectively known as Trident, which, when exploited, enable attackers to install spyware on your device. Once installed, this spyware can access your personal messages, camera, phone calls, and emails, as well as various apps that may also be on your device, including Gmail, Facebook, Skype, WhatsApp, Viber, FaceTime, Calendar, Line, Mail.Ru, WeChat, SS, Tango, and others.
How do I protect myself?
To make sure you’re protected against Pegasus, we recommend following these steps:
1. Update your iOS operating system immediately to 9.3.5, which includes a recently released fix from Apple. To do so, go to Settings, tap ‘General’, then ‘Software Update’, and then ‘Install Now’.
2. You should also update your Lookout app to the latest version and then open the app and check the System Advisor in the Security module to determine if your device is secure.
Today, Apple released an iOS update containing the patch, iOS 9.3.5.
iOS 9.3.5 follows another security patch three weeks ago, 9.3.4, that was thought to be the final iOS 9 update before the release of iOS 10 next month. The newly discovered vulnerability led to a change of plans and a new iOS version. The update is available now for all iOS devices.
If you’re currently running iOS 9.3.4 (or older), it’s imperative to update your device immediately.