Unexpectedly, Apple yesterday released iOS 9.3.5, a firmware update that fixes vulnerabilities allowing attackers to remotely jailbreak an iPhone in order to install spyware, and that blocks access to user data by the spyware called "Pegasus". NSO Group sells this spyware for over a million dollars, and buyers recoup that money by spying on dissidents and on journalists whom some domestic authorities consider too active. First discovered by Citizen Lab and Lookout, these vulnerabilities, called Trident, are being used by attackers to install the malware on the target's iPhone.
Based on Citizen Lab materials:
Ahmed Mansoor is a human rights defender and a recipient of the Martin Ennals Award (sometimes called the "Nobel Prize in the field of human rights"). On 10 and 11 August 2016, Mansoor received several text messages that promised to reveal "secrets" about prisoners tortured in UAE prisons if he followed the link they contained. Instead of opening the link, Mansoor forwarded the messages to the Citizen Lab research center, which tied the links to NSO Group, an Israeli "cyber warfare" company that sells the "Pegasus" spyware. NSO Group is reported to be owned by the US venture capital firm Francisco Partners Management (it also used to belong to the Israeli LYNX, and is now part of Dell Software – Ed.).
A study by the two organisations, Citizen Lab and Lookout Security, showed that the links in the messages lead to a chain of zero-day vulnerabilities that can be used to remotely hack Mansoor's iPhone 6 and install specialised surveillance software. This chain of zero-day vulnerabilities is called Trident. Once attacked, the iPhone becomes a "digital spy" in its owner's pocket: the malware can use the smartphone's camera and microphone to record what the user does away from the device, send the attackers logs of conversations in instant messengers such as WhatsApp or Viber, track the owner's location and listen to calls.
The attack is simple: the attacker sends the target a phishing text containing a link and tries to convince the target to visit it. Once the target opens the link, they are taken to a site hosting an exploit kit, which remotely jailbreaks the phone and installs the "Pegasus" spyware kit.
Lookout Security describes how Pegasus works as follows:
Lookout's analysis showed that the spyware uses three zero-day vulnerabilities (Trident) in iOS:
- CVE-2016-4655: Information leak in the kernel – allows the spyware to calculate the kernel's location in memory.
- CVE-2016-4656: Kernel memory corruption leading to jailbreak – kernel-level vulnerabilities that allow the attacker to "quietly" jailbreak the device and install their own malicious software.
- CVE-2016-4657: A vulnerability in Safari WebKit that allows attackers to compromise memory through an ordinary web link.
The attack lures the target into following a link that turns out to be an empty shell: instead of the information the owner was promised, malware affecting the iOS kernel is installed on the device. Should ordinary users be afraid? No. This attack was designed to obtain important and very expensive information about dissidents and the journalists who support them. If that description does not apply to you, there is no reason to worry.
Updating your device is still recommended: every Apple update fixes many bugs and closes several critical vulnerabilities that can have serious consequences. So why take the risk?
All iOS users, whether they are using iPhones or iPads, are strongly recommended to upgrade to iOS 9.3.5 immediately.
We hope this article helps you! Let us know your feedback.