Apple released iOS 14.8 to fix a weakness that can let the spyware at the heart of the Pegasus scandal infect devices without users even clicking on a malicious message or link.
Apple released iOS 14.8 to fix a weakness that can let the spyware at the heart of the Pegasus scandal infect devices without users even clicking on a malicious message or link. The Pegasus software from Israeli firm NSO Group has been under intense scrutiny since an international media investigation claimed it was used to spy on the phones of human rights activists, journalists, and even heads of state. Researchers at Citizen Lab, a cybersecurity watchdog organisation in Canada, found the problem while analysing a Saudi activist’s phone that had been compromised with the code. “We determined that the mercenary spyware company NSO Group used the vulnerability to remotely exploit and infect the latest Apple devices with the Pegasus spyware,” Citizen Lab wrote in a post. In March Citizen Lab examined the activist’s phone and determined it was hacked with Pegasus spyware introduced via iMessage texting and that it didn’t even require the phone’s user to so much as click.
