Sophisticated spyware has landed on iPhones.
The phones were hacked using a so-called “zero-click” iMessage exploit, where hackers can gain control over a device without human interaction, according to an investigation by Amnesty International, which said the spyware was developed by Israeli surveillance firm NSO Group.
The investigation was done in coordination with Forbidden Stories, a Paris-based media non-profit.
“Apple prides itself on its security and privacy features, but NSO Group has ripped these apart,” Amnesty International said in a statement. “NSO Group can no longer hide behind the claim that its spyware is only used to fight crime.”
The attacks exposed journalists and politicians who risk having their location and their personal information monitored and possibly used against them, the human rights group said.
SUSPECT IN TWITTER HACK OF JEFF BEZOS, ELON MUSK, JOE BIDEN, OTHER LEADERS AND TECH COMPANIES ARRESTED
A successful zero-click attack was observed on a fully patched iPhone 12 running iOS 14.6 in July 2021, according to the report.
“Apple unequivocally condemns cyberattacks against journalists, human rights activists, and others seeking to make the world a better place,” Ivan Krstić, head of Apple security engineering and architecture, told FOX Business in a statement.
“Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals,” Krstić said. “While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data.”
The NSO Group did not immediately respond to a request for comment.
How to detect spyware
Spyware surreptitiously gathers information about you, such as internet usage data, and then sends it to another party. The most malicious spyware will install software that changes the settings on your phone and/or steals usernames and passwords.
It typically lands on your phone along with a program or app that you installed yourself. “Spyware often accompanies programs that are disguised as useful software, such as download managers, registry cleaners, and so on,” Internet security company Kaspersky says.
DHS REQUIRES ‘CRITICAL’ PIPELINES TO AMP UP CYBERSECURITY PROTECTIONS IN WAKE OF COLONIAL PIPELINE HACK
In some cases, spyware is secretly installed by a parent but it may also be installed by a suspicious partner, according to a spyware primer from Avast, which offers internet security applications.
Some indicators of spyware can be an overheating phone, a battery that drains too fast, excessive data usage, and annoying messages that pop up when you’re browsing the internet, Avast says.
How to remove spyware
Think you have spyware? Spyware removal tools may help in detecting and removing it. Anti-virus companies such as McAfee offer spyware removal apps.
You can also manually remove suspicious apps that you don’t recognize. Just follow iOS or Android instructions for deleting apps on your phone.
In a worst-case scenario, you can do a factory reset of your phone. This will erase all data from your phone, including the spyware. But you need to make sure the backup you use for the reset is dated before you got the spyware, says Avast.
One of the best strategies is to make sure your phone’s operating system software is up to date.
“Some iPhone spy software is effective only because of an iOS security flaw. Hackers are always looking for software vulnerabilities to exploit, which Apple regularly fixes via Apple security updates,” says Avast. So, the best way to stop the spyware is updating to the latest iOS release.
Read the full article here