Pegasus spyware: Apple sends alerts to people in 150 countries

Pegasus spyware: Apple sends alerts to people in 150 countries

Spying on iPhones using sophisticated spyware such as Pegasus appears to be far more common than feared. According to the manufacturer Apple, it has now sent warnings to potentially affected users in 150 countries worldwide, as reported by the Washington Post. It is unclear how many people were attacked in total and has not yet been officially announced; but the sheer number of affected regions is astounding.

Recently, a large-scale surveillance campaign in Thailand was uncovered. Apple had already notified possible victims of this in November. As it now turns out, state authorities apparently used Pegasus to spy on at least 30 activists and their supporters who are involved in NGOs of the pro-democracy movement. Civil society organizations had contacted the human rights organization iLaw, which is working to create a new, democratic constitution in Thailand. More victims were quickly found and contacted there, according to the Washington Post report.

The infections with Pegasus took place between the end of 2020 and the beginning of 2021. This comes at a time when the Thai government had been attempting to severely suppress efforts at democracy. Data on local Pegasus casualties was also discovered by Amnesty International’s IT security group, as well as the Canadian organization CitizenLab. The espionage does not only concern the Global South or Eastern Europe. Only recently a Pegasus campaign was uncovered by Spanish secret services.

The extent of the espionage, behind which not only the Pegasus creator NSO Group, which Apple is now suing, is so great that Apple feels compelled to take clear countermeasures. With iOS 16, a new lockdown mode is now to be introduced that seals devices better – even if comfort will cost money. The function, for which Apple has set up a highly endowed bug bounty program to quickly find security gaps, is also to be made available for iPad (iPadOS 16) and Mac (macOS 13 Ventura).

According to Apple, the lockdown mode is aimed at people who are particularly at risk and should not be active by default. Apple currently specifies five different areas that should be better protected when the feature is active. But more can be added here, the new operating systems will appear in autumn. In lockdown mode, certain attachments can no longer be displayed in iMessage, for example, and the link preview is deactivated. In addition, certain browser and MDM functions are blocked, which could serve as a gateway for spyware.

More from Mac & i

(bsc)

To home page

iX workshop on IT security: Current attack techniques and how to defend against them Previous post iX workshop on IT security: Current attack techniques and how to defend against them
Malicious code attacks with root privileges on Cisco Nexus Dashboard possible Next post Malicious code attacks with root privileges on Cisco Nexus Dashboard possible