BOSTON (AP) – Apple has released an emergency software patch to fix a security vulnerability that researchers believe could allow hackers to directly infect Apple devices without user action.
Researchers at the University of Toronto’s Citizen Lab said the flaw allowed spyware from the world’s most infamous hacker company, NSO Group, to directly infect a Saudi activist’s iPhone.
The flaw affected all of Apple’s operating systems, the researchers said.
It was the first time that a so-called “zero click” exploit had been detected and analyzed, said the researchers, who found the malicious code on September 7 and immediately alerted Apple. They said they had great confidence that the Israeli company NSO Group was behind the attack, adding that the targeted activist had asked to remain anonymous.
“We do not necessarily attribute this attack to the Saudi government,” said researcher Bill Marczak.
Although Citizen Lab has previously found evidence of clickless exploits used to hack the phones of al-Jazeera reporters and other targets, “this is the first where the exploit was captured so that we can find out. how it works, ”Marczak said.
Although security experts say the average iPhone, iPad, and Mac user usually doesn’t have to worry – such attacks are highly targeted – the discovery has always alarmed security professionals.
A malicious image file was transmitted to the activist’s phone through the instant messaging app iMessage before it was hacked with NSO’s Pegasus spyware, which opens a phone to eavesdropping and data theft remotely, said Marczak. It was discovered during a second examination of the phone, which forensics showed had been infected in March.
NSO Group did not immediately respond to an email seeking comment.
Calling all HuffPost superfans!
Sign up to become a Founding Member and help shape the next chapter of HuffPost
The Huffington Gt