Update Your iPhone Now After Major Warning Issued

Jack Phillips
By Jack Phillips
September 10, 2023Science & Tech
share
Update Your iPhone Now After Major Warning Issued
A customer talks to sales assistants in an Apple store as Apple Inc's new iPhone 14 models go on sale, in Beijing, China, on Sept. 16, 2022. (Thomas Peter/Reuters, File Photo)

Security experts say that iPhone users should update their devices as soon as possible to deal with dangerous security flaws in its mobile operating system.

After the Pegasus spyware created by Israel-based NSO Group was found in iPads and iPhones, Apple Inc. released an emergency update late last week to patch the vulnerability. Researchers with the University of Toronto’s Citizen Lab said in a post Thursday they found Pegasus on an Apple device of an employee of a Washington-based civil society group.

Citizen Lab did not provide further details on the affected individual or the organization.

How to Update and What to Do

To install the iOS 16.6.1 update, open Settings on your iPhone, then select “General” followed by “Software Update.” You should see the iOS 16.6.1 software update there; tap to begin the installation.

If you don’t see the update, go back to the General page, then tap “About” to check your iOS version number. If it’s 16.6.1, you already have the update installed.

If your phone is still using 16.6 or an earlier version, repeat the above steps. If you still don’t see an update, try restarting your phone. If that doesn’t make the update appear, double-check your internet connection and then wait a bit before trying again.

Apple’s update is available for the iPhone 8 and later, the iPad Pro, the iPad Air 3rd generation and later, the iPad 5th generation and later, and the iPad mini 5th generation and later versions.

While spyware can be difficult to detect, tools such as iVerify can be used to determine whether the malware is on your phone or device. Some researchers, meanwhile, have said that restarting an iPhone or another device—turning it off and turning it back on—can disrupt the spyware.

Citizen Lab noted that turning the Apple device’s Lockdown Mode on can potentially mitigate the threat posed by the malware—namely, if your device is at a greater risk of attack.

More Details

“We attribute the exploit to NSO Group’s Pegasus spyware with high confidence, based on forensics we have from the target device,” said Bill Marczak, senior researcher at Citizen Lab, which is based at the University of Toronto’s Munk School of Global Affairs and Public Policy, according to Reuters.

Apple has since issued an emergency update for the security flaw. Researchers say iPhone users should download the patch as soon as possible.

The reasons why it’s dangerous, according to researchers, is because Pegasus allows users to send attachments via iPhone’s iMessage with hidden code to victims, known as BLASTPASS, which allows the spyware to control a device’s functions. Citizen Lab warns that it can control an iPhone or another device “without any interaction from the victim.”

“We urge everyone to immediately update their devices,” it said. “We encourage everyone who may face increased risk because of who they are or what they do to enable Lockdown Mode.”

“This latest find shows once again that civil society is targeted by highly sophisticated exploits and mercenary spyware. Apple’s update will secure devices belonging to regular users, companies, and governments around the globe. The BLASTPASS discovery highlights the incredible value to our collective cybersecurity of supporting civil society organizations.”

A controversial group, NSO told Reuters last week that it has no comment on the latest discovery or Apple’s update. An Apple spokesperson told the outlet that it doesn’t have any further comment.

The Israeli company has been blacklisted by the U.S. government since 2021 for alleged abuses, including surveillance of government officials and journalists. The firm’s spyware has been under investigation for years because, according to researchers, it can take location data, photos, communications, texts, contacts, and videos from a device without the user’s knowledge.

Several media organizations have said that NSO’s spyware was used to target the devices of several world leaders and reporters in 2021, prompting House representatives to call for the firm to be blacklisted and sanctioned. Meta, Amazon, and Apple filed a lawsuit against NSO for what they said is exploiting a bug in its app.

Last week’s Apple patch also fixed a problem with the Apple Wallet, which stores debit and credit card information. Details about the bug and the patch were not disclosed by the company.

Reuters and AP contributed to this report.

From The Epoch Times

ntd newsletter icon
Sign up for NTD Daily
What you need to know, summarized in one email.
Stay informed with accurate news you can trust.
By registering for the newsletter, you agree to the Privacy Policy.
Comments