Tools produced by the NSO Group may have been used to spy on journalists and and activists, and Apple has provided a response to the claims.
Journalists and activists targeted by spyware
A report claims that tools developed to spy on criminals have been used on journalists and activists as well. The "Pegasus" tool provided by the NSO Group is capable of jailbreaking a device like an iPhone and spying on the user.
After publication of the details surrounding the cyberattacks, Apple provided a response.
Apple unequivocally condemns cyberattacks against journalists, human rights activists, and others seeking to make the world a better place. For over a decade, Apple has led the industry in security innovation and, as a result, security researchers agree iPhone is the safest, most secure consumer mobile device on the market.
Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals. While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data.
Apple devices have a reputation for being highly secure and difficult to hack or tamper with. However, a new exploit or weakness can be used to target individuals before the vulnerability is patched.
It appears that the cyberattacks were executed using a zero-click iMessage vulnerability, an Apple Music attack vector, and others. The Pegasus tool is provided by the NSO Group as a means of spying on criminals, but of course the tool can be used against good guys as well.
A group of ten governments are believed to be NSO clients, like Azerbaijan, Kazakhstan, Rwanda, and the UAE. Non-criminal targets seem to only include those who might criticize a government like journalists, so the average consumer doesn't need to fear this spyware.
Apple will likely patch any attack vectors used by Pegasus in upcoming software updates. However, this will always remain a cat-and-mouse game as long as new vulnerabilities are discovered in the wild.
Keep up with everything Apple in the weekly AppleInsider Podcast -- and get a fast news update from AppleInsider Daily. Just say, "Hey, Siri," to your HomePod mini and ask for these podcasts, and our latest HomeKit Insider episode too. If you want an ad-free main AppleInsider Podcast experience, you can support the AppleInsider podcast by subscribing for $5 per month through Apple's Podcasts app, or via Patreon if you prefer any other podcast player.