MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos

Pegasus spyware: iOS 14.7.1 reportedly plugs security hole

Tuesday July 27, 2021. 02:31 PM , from Mac 911
If you’re concerned about recent reports of the Pegasus spyware reportedly installed by the Israeli NSO Group to hack journalists and world leaders, there’s a tool to check if it’s hidden on your iPhone. But you probably have nothing to worry about.

According to a report in the Washington Post in conjunction with nonprofit groups Forbidden Stories and Amnesty International and several others, military-grade spyware developed by an Israeli firm was used to hack some 40 smartphones “belonging to journalists, human rights activists, business executives and two women close to murdered Saudi journalist Jamal Khashoggi.” 

The phones appeared on a list of more than 50,000 phone numbers, according to the Post. NSO has denied the allegations.

There’s a good chance your iPhone isn’t on that list. While the legality of the operation may be in question, reports say the NSO seemingly targeted high-level politicians, government officials, and journalists in the operation and were only successful less than half the time. For example, Amnesty International examined 67 phones and found that “23 were successfully infected and 14 showed signs of attempted penetration.” Of those, nearly all were iPhones, according to the investigation.

Apple has reportedly fixed the vulnerability in iOS 14.7.1. The security notes don’t specifically mention Pegasus, but they refer to “a memory corruption issue” that “may have been actively exploited.”

If you’re still concerned, there’s a way to test whether your iPhone has been targeted. It’s not an easy test, mind you, but if you’re using a Mac or Linux PC and have backed up your iPhone using it, Amnesty International’s Mobile Verification Toolkit will be able to detect whether your phone has the Pegasus spyware installed on it. The tool, which TechCrunch tested, works using the macOS Terminal app and searches your latest iPhone backup on your Mac, “is not a refined and polished user experience and requires some basic knowledge of how to navigate the terminal.” You’ll need to install libusb as well as Python 3 using Homebrew. (You can learn more about the installation here.) TechCrunch says the check only takes “about a minute or two to run” once it’s been set up.

On Twitter, @rayredacted detailed the process in a lengthy thread with additional resources and explanations.

As you may have heard, @amnesty has released mat-detect. an amazing tool for detecting whether your device has evidence that it may have been touched by the Pegasus spyware. In this thread I am going to tell you about my experience and lessons using this tool one iOS. (1/13)— Ray [REDACTED] (@RayRedacted) July 21, 2021

Related News

News copyright owned by their original publishers | Copyright © 2004 - 2021 Zicos / 440Network
Current Date
Sep, Sat 18 - 18:37 CEST