Israeli spy tech firm exploited vulnerability on ALL IPHONE devices to implant ‘Pegasus’ malware – report
Digital rights group CitizenLab has discovered a vulnerability that allowed Israeli spyware company NSO Group to implant its Pegasus malware onto virtually every iPhone, Mac, and Apple Watch device. CitizenLab revealed the vulnerability on Monday, a week after discovering it by analyzing the phone of a Saudi activist that had been infected with the malware. The discovery was announced to the public shortly after Apple rolled out an update to patch the vulnerability. The vulnerability allowed the NSO Group’s clients to send malicious files disguised as .gif files to a target’s phone, which would then exploit “an integer overflow vulnerability in Apple’s image rendering library” and leave the phone open to the installation of NSO Group’s now-infamous ‘Pegasus’ malware. The exploit is what’s known as a ‘zero-click’ vulnerability, meaning that the target user would not have to click a suspicious link or file to allow the malware onto their device. While most Apple devices were vulnerable,