The most silent of device users iPhone, iPad and Mac-s are calm about cyberattacks, relying on the idea that the security system of these devices will cope with any challenges. Even though iOS, iPadOS and macOS are quite stable operating systems and with a fairly good protection mechanism, the reality is completely different. Pegasus spyware is detected on only half of iPhone-s, according to a company report Apple.
Content
What is Pegasus spyware and what security vulnerabilities does it exploit?
Pegasus spyware, developed by NSO Group, represents one of the most dangerous privacy threats for device owners. iPhoneThis malicious software can take complete control of a phone without the user doing anything, gaining access to almost all of the personal data stored on it. Some versions can even activate the device's camera and microphone, turning it into an invisible surveillance tool.
Pegasus spyware exploits “zero-day” vulnerabilities. More precisely, these are security breaches that are not yet known. AppleHowever, the tech giant has alternative methods to combat this threat, but iOS, iPadOS and macOS should not think that they are completely safe from cyber attacks.
How are you trying? Apple to track down Pegasus
As mentioned at the beginning of the article, the iOS operating system includes mechanisms specifically designed to identify when a iPhone was compromised by spyware, although the exact method used remains unknown. Apple then notifies users it suspects have been targeted, while simultaneously working to discover and fix the exploited flaw. For example, last summer, the company sent warnings to users of iPhone from almost 100 countries.
"Apple has alerted a significant number of users in 98 countries, informing them that they may be the targets of “mercenary” spyware attacks that can compromise almost all of the personal information on their devices. Although Apple While acknowledging that it cannot be absolutely certain of these conclusions, the company states that it has a high level of confidence in its assessments and urges users to take these security warnings very seriously.”
Most of the time, these updates that quickly close security holes are marked as “Rapid Security Response".
With all this vigilance on the part of the company Apple, security breaches will always exist and it will be almost impossible to discover all devices infected with Pegasus spyware in a timely manner.
Only half of devices infected with Pegasus spyware are identified
A recent report shows that Apple only manages to detect about half of the devices infected with Pegasus. The data comes from iVerify, a mobile security company that launched a $1 app last year. It allows users to scan their phone and submit the results for analysis. With a one-time subscription, users can perform a monthly scan.
The results obtained from these scans allowed iVerify to estimate the frequency of Pegasus infections and verify how many of the affected users received notifications from Apple.
“After extensive media coverage, an additional 18.000 people downloaded the iVerify Basic app and verified their devices. In December, we identified 11 new cases of Pegasus spyware infection. These findings reduced the overall incidence rate to approximately 1,5 cases per 1.000 scans. However, the larger sample size gives us greater confidence that this figure more accurately reflects reality and allows us to draw potentially more relevant conclusions.
For example, we see indications that attacks are not only targeting high-profile targets, such as politicians or activists, but are affecting a wide range of people in society. New confirmed cases, related to known Pegasus variants from 2021-2023, include attacks on users in areas such as public administration, finance, logistics, and real estate. Many were targeted with multiple variants and monitored for years.”
An underestimated problem: users Apple they are not immune
An alarming aspect highlighted by iVerify is that approximately half of the victims did not receive threat notifications from AppleWithout the use of the iVerify app, these users would not have known that their devices were compromised. The company emphasizes that it was extremely rigorous, including in the statistics only cases where the infection was confirmed with absolute certainty.
These findings draw attention to the fact that iOS, iPadOS and macOS are not safe from cyber dangers. Although Apple is making efforts to combat such threats, there are still limits to its ability to protect all devices, which highlights the need for increased vigilance from users, regardless of the platform used.
As I have said in several articles awareness, vigilance is the best protection against cyber attacks, complemented by up-to-date operating system updates.
