Apple wants you to update your iPhone, Mac, and Apple Watch after it fixed a software flaw that let hackers spy without anyone clicking a link
Applehas fixed a flaw that was letting hackers spy on devices without users even clicking a link.
- The zero-click hack gave access to device cameras, microphones, and messages without users knowing.
- Apple is telling users to update their iPhones, Macs, and Apple Watches immediately to protect them.
Apple is warning users to update their devices as soon as possible after it fixed a major
The company has released emergency
"Apple is aware of a report that this issue may have been actively exploited," the company said on its website Monday.
The Canadian academic research group The Citizen Lab published a report Monday saying it had uncovered a zero-day, zero-click exploit affecting iPhones, Macs, and Apple Watches. The lab says the flaw allowed the Israeli spyware company NSO Group to remotely infect Apple devices. Because users don't even have to click a link for the spyware to start working, they won't even know their devices have been infected.
"After identifying the vulnerability used by this exploit for iMessage, Apple rapidly developed and deployed a fix in iOS 14.8 to protect our users," said Ivan Krstić, head of Apple Security Engineering and Architecture, in a statement to Insider. "We'd like to commend Citizen Lab for successfully completing the very difficult work of obtaining a sample of this exploit so we could develop this fix quickly. Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals. While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data."
Known as Pegasus, the spyware can record texts, emails, and phone calls and share them with NSO Group's government clients worldwide, The Times reports. It can also turn on devices' cameras and microphones.
"This spyware can do everything an
The Citizen Lab said it discovered the exploit, which it calls Forced Entry, in March while examining the phone of a Saudi activist who had been hacked with the spyware. The lab believes Forced Entry has been at work since at least February.
NSO Group was also found to be using zero-click attacks earlier this year. In July, Amnesty International found that military-grade spyware from NSO Group was used to hack the iPhones of dozens of journalists, activists, and executives.
Apple did not immediately respond to requests for comment.
A representative for NSO Group emailed the following statement: "NSO Group will continue to provide intelligence and law enforcement agencies around the world with life saving technologies to fight terror and crime."
- A married couple with a 4-month-old baby were both laid off by Google, while one of them was on parental leave
- A Google employee of 11 years says he and his wife stared at each other in 'disbelief' when they realized they'd both been laid off by the company
- 6 signs that you're in a one-sided relationship and how to find balance
- 'It feels like slap in the face': Sacked Google worker whose mother died of cancer
- Adani Enterprises’ ₹20,000 crore FPO now open, analysts maintain cautious optimism
- Shark Tank effect: How sales zoomed, websites crashed, and Amazon listings were lost
- Here’s how T+1 affects your life: Shorter settlement cycle to boost liquidity and make BTST trades smoother
- What is fingerprint unlock feature for Chrome incognito tabs and how does it work