Skip to content
Apple Releases Urgent iPhone Software Update To Address Critical Spyware Vulnerability

Researchers at the University of Toronto’s Citizen Lab said the software exploit had been in use since February and was used to deploy Pegasus, spyware made by Israeli firm NSO Group that was allegedly used to monitor journalists and human rights defenders in several countries.

The urgent update that Apple (AAPL) released on Monday fills a hole in iMessage software that allowed hackers to infiltrate a user’s phone without the user clicking any links, according to Citizen Lab. The Saudi activist has chosen to remain anonymous, Citizen Lab said.

Apple credited Citizen Lab researchers with discovering the vulnerability, but an Apple spokesperson declined to comment further.

NSO Group did not immediately respond to a request for comment on the research. The company said its software was only sold to customers approved for anti-terrorism and law enforcement purposes.

The researchers say, however, they have found several cases in which the spyware was deployed on dissidents or journalists. In 2019, Citizen Lab analysts alleged that Pegasus was used on the cell phone of the wife of a murdered Mexican journalist.

In a lawsuit filed in 2019, Facebook accused NSO Group of being complicit in hacking 1,400 mobile devices using WhatsApp. (NSO Group disputed the allegations at the time.)