Apple said Monday it has fixed a computer flaw that controversial Pegasus software, from Israeli company NSO, was able to exploit to infect branded devices without a user even clicking a hoax link or button.
The flaw was spotted by researchers at Citizen Lab, who discovered that a Saudi activist’s iPhone had been infected via iMessage, Apple’s messaging system.
According to this cybersecurity organization at the University of Toronto, Pegasus has been using this vulnerability “since at least February 2021”.
«Cet exploit, que nous avons baptisé FORCEDENTRY, cible la bibliothèque de rendu des images d’Apple, et fonctionnait contre les appareils Apple iOS, MacOS et WatchOS», les systèmes d’exploitation des mobiles, ordinateursé et la montres connect marque the Apple.
In its update note released Monday, the tech giant noted that “Apple is aware of a report that this flaw could be exploited.”
Citizen Lab played a key role in highlighting the mass espionage scandal via Pegasus in July.
According to information from a union of 17 media professionals, in France, a number of Emmanuel Macron, former Prime Minister Edouard Philippe and 14 members of the government “appear in the list of issues chosen by the Moroccan state security service, the user of the Pegasus spyware, for possible hacking.
In all, according to Amnesty and Forbidden Stories, the case concerns a list of 50,000 phone numbers in the world chosen since 2016 by NSO clients.
Ron Diebert, director of Citizen Lab, joked in July that Pegasus is allowing “its own NSA purchase.”
Apple did not immediately respond to AFP’s request.