Apple Can Only Identify Pegasus Spyware on 50% of Infected iPhones

NSO’s Pegasus spyware stands as one of the most alarming privacy risks for iPhone users. It can take control of your device without your involvement, gaining access to nearly all stored personal data, and certain versions even have the capability to activate cameras and microphones remotely.

Pegasus takes advantage of zero-day vulnerabilities—security flaws that Apple is unaware of—but the tech giant has developed another mechanism to combat this threat…

Apple’s initiative to identify Pegasus spyware

Within iOS, there is code created to detect when an iPhone has been compromised by spyware, even without Apple being aware of the specific method used.

When Apple suspects a device has been infected, it informs the potential victims while simultaneously investigating the exploited security vulnerabilities. For instance, last summer, the company alerted iPhone users in nearly 100 countries.

Apple has issued warnings to a large number of iPhone users across 98 countries, indicating that they may have been targeted by “mercenary spyware attacks” that could endanger almost all private data on their devices.

While the firm asserts it cannot be 100% certain in its determinations, it expresses a high level of confidence in its assessments, urging recipients of the warnings to take these security alerts with utmost seriousness.

There have been numerous other instances:

Currently, Apple detects only half of the infected devices

However, a recent report indicates that Apple is currently only able to identify roughly half of the devices that are infected.

This information is derived from mobile security firm iVerify, which last year released a $1 application that allows users to scan their devices and submit the findings for analysis. The one-time payment permits one scan each month.

The scans provided data that enabled the firm to estimate the prevalence of Pegasus infections and verify how many of those identified as infected were notified by Apple.

Following widespread media attention, 18,000 additional users downloaded our iVerify Basic app and scanned their devices, resulting in the discovery of 11 new Pegasus cases just in December.

This influx of detections lowers our global incidence rate to about 1.5 Pegasus detections per 1000 scans. However, the increased sample size boosts our confidence that this number is closer to the true incidence rate and allows for potentially noteworthy conclusions.

For instance, we observe signs that mobile compromises affect more than just high-profile targets like politicians and activists; rather, they seem to impact a diverse range of individuals. The new verified detections, involving known Pegasus variants from 2021-2023, encompass attacks against users in government, finance, logistics, and real estate sectors. Many have been targeted by multiple variants and surveilled for extended periods.

Moreover, in about 50% of cases, the victims did not receive Threat Notifications from Apple. These individuals would have remained unaware of their device compromises had they not utilized iVerify.

iVerify emphasizes that it was meticulous in ensuring it counted only those devices it was entirely sure were infected.
