Apple users should plan to update their iPhones and iPads to the latest security update, iOS 9.3.5, as soon as possible. The update includes fixes to vulnerabilities that pose a serious threat and have been utilized to launch attacks on public users.
Apple sent out the iOS 9.3.5 update Thursday, which addresses two kernel bugs and one WebKit bug, following a report from the security firm Lookout Security and Citizen Lab. The report details how a cyber warfare firm, NSO Group, used its connections with the government to develop exploitative software for malicious purposes. The malware, called “Pegasus,” was used to hack the iPhone of Emirati human rights activist Ahmed Mansoor.
What Is “Pegasus” Malware?
Pegasus is essentially a single-click remote jailbreak, which can give attackers complete control of an infected device. At worst, the malware can access text messages and emails on a device, track calls and contacts, record sounds, access passwords and follow the an iOS user's’ activity, according to the The New York Times (via Gizmodo).
In particular, Pegasus exploits three iOS vulnerabilities, which are being called the “Trident.” One reveals a device’s kernel memory within an infected app, while another uses kernel privileges to push malicious codes and commands through applications. The final flaw uses WebKit to push malicious code onto a device after users visit a compromised website.
Why An Update Is Necessary?
The vulnerabilities are found in iOS versions 9.3.4 and earlier, which makes the update to iOS 9.3.5 mandatory.
How To Update To iOS 9.3.5
Apple is sending the update 9.3.5 wirelessly, but iPhone users can access Settings > General > Software Update to see if the software is available and install the update manually. The software requires 39.5MB of memory and a Wi-Fi connection to install.
What Else Is There To Know About The NSO Threat?
Mansoor realized he was being targeted with Pegasus after receiving a suspicious link.If clicked, the link would have installed the NSO software onto his iPhone 6, enabling tracking and surveillance. He reported his findings to Lookout Security and Citizen Lab, which then performed its own investigation and reported findings to Apple. The firms’ joint report was published Wednesday, prior to Apple’s rollout of iOS 9.3.5.
The NSO Group is known for working with governments to develop tools to track journalists, activists and members of various organizations and technology companies.
Others targeted by Pegasus include Mexican investigative journalist Rafael Cabrera and anonymous iOS users in Kenya, according to Motherboard . At this time it appears none of the users have accessed infected links, so official Pegasus attacks have not been launched.