In a recent statement, Apple has defended its iPhone against Pegasus spyware. Reports from Amnesty International found that the iPhone is vulnerable to Pegasus, directly conflicting with Apple’s claims of privacy.
Now, the Cupertino giant has condemned the spying on journalists and human rights activists. In a statement to the Washington Post, Apple defended the iPhone’s privacy and security measures. Amnesty’s report also found out that many of the Pegasus infections on iPhones were caused by iMessage vulnerabilities. Seeing the company’s strict approach to user privacy, spyware thriving within the ecosystem cannot be good news.
iPhone And Pegasus Spyware
Amnesty’s tested 67 phones for Pegasus. Out of these, a total of 37 devices were iPhones. Out of the 37 iPhones, 23 were successfully affected and 11 had signs of attempted infection. Here is an excerpt from Apple’s statement:
“Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals. While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data.”
Statement by Ivan Krstić, head of Apple Security Engineering and Architecture
It is true that Pegasus is sophisticated spyware targeting a limited number of people. However, it is surprising how easily the spyware managed to infect Apple’s iPhones. iPhone models ranging from the old iPhone 6s to the brand new iPhone 12 lineup are all vulnerable to Pegasus.
The only common thing between all iPhones is the operating system, iOS. Apple’s tightly knit ecosystem provides a smooth and secure experience. So much so that the iPhone maker has warned users against sideloading apps.
The Ecosystem Gave Way To Pegasus
However, the ecosystem seems to be crippled, as Pegasus made its way into iPhones via iMessage. The infected iMessage that the users received made no sound or notification. It quietly entered the iPhone and started working. All the hackers needed was the victim’s phone number.
iMessage allows messages from unknown numbers. This is one of the major entry points for spyware. 13 out of the 23 infected iPhones were infected through iMessage vulnerability. This is concerning for Apple users as iMessage is among the most popular apps.
Apple devices are known for their synchronization across the Apple ecosystem. So it is safe to assume that an iPhone user who has paired it with their Mac can lose significantly more data.
We’re not saying synchronization is bad, but if one branch of the ecosystem is compromised, it can be problematic for the rest of the apps and their data.
