Harrison Lavelle
Staff Writer
On Sept. 13, the AP reported that Apple released an emergency update to address glaring vulnerabilities in its messaging platform iMessage. The patch was crafted to prevent “no-click” spyware from infecting devices manufactured by the global tech giant.
Apple regularly releases similar updates protecting users from malicious viruses designed to compromise device integrity. No-click spyware is particularly concerning because it can infiltrate user devices without their knowledge or interaction.
The Citizen Lab researchers who revealed the breach are confident that the hacker-for-hire firm NSO developed the malicious software used to spy on a Saudi activist’s phone. The activist’s phone was compromised after virus-laden image files were deposited in his message stream.
NSO is an Israeli Cybersecurity firm specializing in digital surveillance. The Pegasus spyware system — its brainchild — is the first of its kind in that it does not require user interaction to take effect.
The private firm is in business to sell its digital services to third parties, including other state governments. Over the last few years, NSO software has been accused of spying on Mexican journalists, targeting a dissident in the UAE, and being associated with the murder of journalist Jamal Khashoggi.
Besides its use in targeting journalists and political activists, the spyware has also come into conflict with Facebook, the owner of WhatsApp. The social media conglomerate sued NSO for allegedly targeting thousands of users back in 2019.
Because the Israeli Government classifies Pegasus as a weapon, it must approve of any distributions to third parties.
Reactions from governments accused of utilizing Pegasus to conduct illicit spy operations have been issued. In Hungary, the government stated that it was not aware of any unlawful data collection by the state. Hungary countered the criticism, asking if the same questions had been brought against other countries like the United States. Morocco and India also denied any involvement with NSO and eschewed accusations of having used Pegasus recently.
While Apple has told AP that the spyware “does not pose a threat to a majority of users,” the company is still encouraging its customers to get the new update out of an abundance of caution. The recent revelations have put NSO’s self-stated commitment to helping law enforcement hinder criminals and terrorists in question.