According to the research group that discovered the issue, an Israeli cybersecurity firm has been exploiting a significant Apple’s software vulnerability since February to silently infect iPhones using iMessage, the company’s messaging software. According to Citizen Lab, Apple issued a critical security update “iOS 14.8” on Monday that fixed the flaw.
Apple released iOS 14.8 a security update on Monday after it discovered a flaw that would allow hackers to infect iPhone, iPad, Apple Watch without a user even clicking a malicious link.
The spyware detected could open up an Apple device to data theft and to secretly listen to someone’s conversation. All of Apple’s operating systems are vulnerable, including those for iPads, Macs, and Apple Watches.
To address a vulnerability, Apple issued an emergency security software patch.
According to an internet watchdog group, the flaw allowed spyware from the world’s most infamous hacker-for-hire firm, NSO Group, to infect a Saudi activist’s iPhone without user interaction.
According to the researchers from the University of Toronto’s Citizen Lab, this is the first time a so-called “zero-click” exploit has been discovered and analysed.
They stated that they discovered the malicious code on September 7 and had high confidence that NSO Group was behind the attack.
A spokesperson for Apple confirmed the threat’s legitimacy to The New York Times and stated that “spyware barriers” would be added to iOS 15 this year.
Customers of Apple are urged to install the security patch as soon as possible.
Tap settings > Click on General > Click on Software Update > Wait for the software update to appear > Click on Download and Install.