New Apple iOS update protects devices from 'Pegasus' intercept spyware

By on
An Apple iPhone is pictured next to the logo of Apple in Bordeaux, southwestern France, February 26, 2016.
An Apple iPhone is pictured next to the logo of Apple in Bordeaux, southwestern France, February 26, 2016. Reuters/Regis Duvignau

Apple released Thursday an iOS update that aims to boost security of iPhones, iPads and iPods from a spyware that tries to remotely intercept user’s text messages, emails, contacts, phone calls and location.

Apple’s iOS 9.3.5 is the second security patch that the Cupertino, California-based company has issued this month. Available for iPhone 4s and later models, iPad 2 and later and fifth generation of iPod, the iOS update is meant to address the security loopholes discovered after an Arab human rights activist reported suspicious link to a spyware that could have taken over his iPhone.

Ahmed Mansoor reported the suspicious link he received in a text message to San Francisco-based smartphone security firm Lookout and activist group Citizen Lab. Both entities identified the spyware as “Pegasus,” a government-exclusive “lawful intercept” spyware product created by an Israeli company, NSO Group.

Owned by American venture capital firm Francisco Partners Management, the NSO Group has not acknowledged responsibility for the spyware. However, it issued a statement saying it is provides “governments with technology that helps them combat terror and crime.”

The spyware causes a silent infection when the iOS device user clicks on the link. A malware would be installed on the device and extract information that will be sent back to the source.

An expert on iPhone security, Jonathan Zdziarski said the trident spyware can “hook and eavesdrop on clean and installed apps, camera and mic.”

The iOS 9.3.5 update is meant to address the vulnerabilities reported by Citizen Lab and Lookout. To update iOS devices, simply go to Settings, click on General and choose Software Update.