The spyware could infect anyone's iPhone, iPad, Apple Watch or Mac computer.

Edward Gately, Senior News Editor

September 14, 2021

3 Min Read
Apple iPhone iOS

Apple has issued an emergency software update to plug a security flaw allowing spyware that could potentially infect all Apple devices.

The spyware could infect anyone’s iPhone, iPad, Apple Watch or Mac computer.

Researchers from the University of Toronto’s Citizen Lab said the flaw was exploited to infect the iPhone of a Saudi activist with NSO Group’s Pegasus spyware. Citizen Lab calls the exploit FORCEDENTRY.

“In March 2021, we examined the phone of a Saudi activist who has chosen to remain anonymous, and determined that they had been hacked with NSO Group’s Pegasus spyware,” Citizen Lab said.

Israeli firm NSO Group made the spyware. Cybercriminals allegedly used the spyware to surveil journalists and human rights advocates in multiple countries.

The Apple software update plugs a hole in the iMessage software that allowed hackers to infiltrate a user’s phone with spyware without the user clicking on any links, according to Citizen Lab.

Jerry Ray is COO of SecureAge. He said users, whether individuals or companies, should most definitely update their devices as soon as practical.

“The entire game changes the moment these zero-day vulnerabilities become publicly known,” he said. “Even if Apple and others believe that the usefulness of the exploit comes only for targeting select individuals, the public awareness of the vulnerability gives other cybercriminals and hackers the opportunity to consider and create other exploits. They’ll send these exploits far and wide even knowing that Apple has patched the vulnerability, banking on the notion that enough people have not updated their devices and the vulnerability remains.”

Ray said it’s not surprising spyware could infiltrate a tech giant like Apple.

“It’s unlikely that Apple can prevent everything that could possibly be done to exploit MacOS on PCs or iOS on its mobile devices,” he said.

Pegasus Continues to Evolve

Hank Schless is senior manager of security solutions at Lookout. He said Lookout and Citizen Lab first discovered Pegasus back in 2016. Since then, it as has continued to evolve and take on new capabilities.


Lookout’s Hank Schless

“Many apps will automatically create a preview or cache of links in order to improve the user experience,” he said. “Pegasus takes advantage of this functionality to silently infect the device.”

It’s important for both individuals and enterprise organizations to have visibility into the risks their mobile devices present, Schless said.

“Pegasus is an extreme, but easily understandable example,” he said. “From an enterprise perspective, leaving mobile devices out of the greater security strategy can represent a major gap in the ability to protect the entire infrastructure from malicious actors.”

More Emphasis on Mobile Devices Needed

Kevin Dunne is president of Pathlock. He said businesses often focus on their servers and workstations as the primary targets for hacking and espionage. However, businesses now use mobile devices broadly. Moreover, these devices contain sensitive information that needs to be protected.


Pathlock’s Kevin Dunne

“Spyware is primarily targeting these mobile devices and providing critical information to unauthorized parties.” he said. “To protect themselves against spyware, businesses should look at their mobile device security strategy.”

Purandar Das is co-founder and chief security evangelist with Sotero.


Sotero’s Purandar Das

“The money in the underground economy has reached levels where criminals are organizing at scale to capitalize on the unique opportunity,” he said.

The organization funding these hackers likely stood to make million in profits, Das said.

Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn.

About the Author(s)

Edward Gately

Senior News Editor, Channel Futures

As news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like