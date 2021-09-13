Apple has released a patch for a flaw linked to the Pegasus spyware.

Apple issued a patch on Monday to address a flaw that allows the spyware at the center of the Pegasus controversy to infect devices without the user clicking on a malicious message or link.

Since an international media investigation claimed it was used to eavesdrop on the phones of human rights activists, journalists, and even heads of state, the Israeli corporation NSO Group’s Pegasus software has been under severe scrutiny.

While studying a Saudi activist’s phone that had been compromised with the code, researchers at Citizen Lab, a Canadian cybersecurity watchdog organization, discovered the flaw.

In a blog post, Citizen Lab stated, “We established that the mercenary spyware outfit NSO Group leveraged the vulnerability to remotely hack and infect the latest Apple iPhones with the Pegasus spyware.”

Citizen Lab investigated the activist’s phone in March and discovered that it had been hacked with Pegasus spyware sent via iMessage texting, and that it didn’t even require the phone’s user to click.

Apple stated it had “rapidly” built the upgrade in response to Citizen Lab’s discovery of the vulnerability just hours after delivering the repair.

“Attacks like the ones described are very complex, cost millions of dollars to develop, have a short shelf life, and are used to target specific individuals,” according to the firm.

NSO said in a statement that it would “continue to provide intelligence and law enforcement agencies around the world with life-saving technologies to fight terror and crime,” and that it would “continue to provide intelligence and law enforcement agencies around the world with life-saving technologies to fight terror and crime.”

Since Citizen Lab and cyber security firm Lookout discovered Pegasus five years ago, it has evolved to become more effective.

According to Lookout senior manager Hank Schless, Pegasus may be used as a “zero-click exploit,” which means the spyware can be installed without the victim having to click on a booby-trapped link or file.

In order to improve the user experience, many apps will automatically construct a preview or cache of links, according to Schless.

“Pegasus takes advantage of this feature to infect the device invisibly.”

Following an Israeli spyware incident, UN experts recently recommended for a worldwide freeze on the sale of monitoring equipment until safeguards are in place to protect human rights.

In July, an international media investigation revealed that various nations utilized the NSO Group’s Pegasus software to spy on activists, journalists, and politicians.

Pegasus has the ability to turn on a phone’s camera or microphone and collect data from it.

