NSO’s Pegasus spyware is one of the most frightening privacy threats an iPhone owner can face. Without you taking any action at all, it’s able to completely take over your phone, accessing almost all of the personal data stored on it, and some versions have been able to activate cameras and microphones.
Pegasus exploits zero-day vulnerabilities – security holes Apple doesn’t yet know about – but the iPhone maker has another way to fight back …
Apple aims to detect Pegasus spyware
iOS includes code which is designed to detect when an iPhone has been compromised by spyware even when Apple doesn’t yet know the method used.
The company then notifies those it believes to have been infected with the spyware, while it also works to figure out the security flaw exploited. For example, last summer Apple sent warnings to iPhone users in almost 100 countries.
Apple has warned a significant number of iPhone users across 98 countries that they appear to have been targeted by “mercenary spyware attacks” which could compromise almost all the personal data on their devices.
The company says it can never be 100% certain in its conclusions, but has a high degree of confidence that it is correct, and urges message recipients to take the security warning seriously.
There have been many other examples:
Currently, only half of infected phones detected
However, a new report suggests that Apple is currently only detecting around half of infected devices.
The data comes from the mobile security company iVerify, which last year launched a $1 app that lets you scan your own phone and send the results to them for analysis. The one-off fee lets you perform one scan a month.
Those scans provided data that allowed the company to estimate the prevalence of Pegasus infections, and also check how many of those found to be infected had been notified by Apple.
Following the extensive press coverage, 18,000 more people downloaded our iVerify Basic application and scanned their devices, and the result was that we detected 11 new cases of Pegasus in December alone.
The addition of these new detections brings our global incidence rate down to around 1.5 Pegasus detections per 1000 scans; however, the larger sample size increases our confidence that this figure represents something closer to the true incidence rate and allows us to draw potentially more interesting conclusions.
For example, we see signs that mobile compromise extends beyond high value targets like politicians and activists, and indeed, appears to impact a broad cross section of society. The new confirmed detections, involving known variants of Pegasus from 2021-2023, include attacks against users across government, finance, logistics, and real estate industries. Many were attacked with multiple variants and monitored for years.
What’s more, in about half the cases, the targets did not receive Threat Notifications from Apple. These individuals would not have known their devices were compromised if they had not been using iVerify.
iVerify says it was very careful to count only those phones it was 100% certain were infected.
Photo by Dmitry Ratushny on Unsplash
FTC: We use income earning auto affiliate links. More.
