NewsBite

iPhone users urged to update to IOS 9.3.5 after hack threat

Apple users are being urged to update their handsets after a private cyberarms dealer found a way to hack the iPhone.

DAVID SWAN
2 min read
2:15PMAugust 26, 2016.
Updated 3:19PMAugust 26, 2016
Print
Previously unknown IOS vulnerabilities have been detected in the iPhone.
Previously unknown IOS vulnerabilities have been detected in the iPhone.

Apple iPhone users are being urged to update their handsets after a private cyberarms dealer found a way to hack the iPhone with sophisticated malware.

The Israel-based NSO group developed the ‘world first’ malware, which exploited three previously unknown iOS vulnerabilities.

NSO Group’s software effectively transforms the phone into a surveillance device, tracking its movements, logging messages and downloading personal data.

It also allowed hackers access to their passwords and could record sounds.

Apple quickly moved to patch the insecurities, and is advising all users to update their iPhones.

“We were made aware of this vulnerability and immediately fixed it with iOS 9.3.5,” an Apple spokesman told AP.

“We advise all of our customers to always download the latest version of iOS to protect themselves against potential security exploits.”

The majority of iPhone users are currently using iOS 9, though anyone who has updated to the iOS 10 beta is safe, Apple says

To update your iPhone, plug your device into power and connect to the internet with Wi-Fi. Then tap Settings, General, then Software Update.

The malware was detailed in a report from Citizen Lab and Lookout security, and Lookout vice president of research Mike Murray said the NSO software, called Pegasus, is “the most professional piece of spyware that I’ve ever seen.”

He told The Wall Street Journal the software operates stealthily, ensuring that it doesn’t quickly drain the battery and speeding up its data transfer when it is on Wi-Fi networks so that it doesn’t get noticed.

NSO has billed itself as a leader in the field of cyberwarfare, offering tools for governments to keep tabs on criminals and terrorists who use encrypted communications. The company has been thought to be capable of installing unauthorised software on Android, BlackBerry and iPhone devices, but Thursday’s report provides the first in-depth look at its capabilities.

“We’re a complete ghost,” NSO co-founder Omri Lavie told Defense News in a 2013 interview. “We’re totally transparent to the target, and we leave no traces.”

Researchers highlighted the unusual way that Pegasus is installed on a phone, taking advantage of the three flaws in iOS to silently “jailbreak” the phone and circumvent the requirement that only Apple-approved software runs on the device.

This type of one-click iPhone attack previously has been described by researchers but never been seen in a real-world attack, Lookout’s Mr Murray said.

With The Wall Street Journal

More Coverage

Start-up used iPhone bug to spy
ROBERT MCMILLAN

Add your comment to this story

To join the conversation, please Don't have an account? Register

Join the conversation, you are commenting as Logout

More related stories

Original URL: https://www.theaustralian.com.au/business/technology/iphone-users-urged-to-update-to-ios-935-after-hack-threat/news-story/c1bf193d133071155e4b1593f9e2fc5b