Apple Cyber Flaw Allows Hack iPhone via iMessage

  • 27th Nov'21
  • 75
  • 3
  • 1

Apple instructed its users to quickly update their devices after researchers claimed the misuse of their technology. But how and why?


What was the Matter?

According to Citizen Lab, an academic research group, “A few weeks ago, Apple sent a critical security update for fixing the flaw. But the vulnerability was attacked by Israel's NSO group.”

The NSO Group has developed software to take control over any Apple device, be it a watch, computer, or iPhone.After identifying the flaw, Apple rapidly developed a fix in iOS 14.8 to protect the users. 

The software takes control over a device by first sending a message through iMessage, Apple’s default messaging app, then by taking advantage of Apple processing images. In the cybersecurity industry, this process is known as a “zero-click” exploit. Zero-click is a dangerous flaw that does not need a victim to click or download any file to take over the details by others. 

On the matter, Scott Railton, Senior Researcher of citizen lab, said “People whose devices have been exploited are extremely unlikely to realize they have been hacked. The user sees crickets while their iPhone is silently exploited.”

He further added, “ Someone sends you a GIF that isn’t, and you are in trouble. That’s it. You don’t see a thing.”

Also Read:  How Important is it to Fix Tensions Between Legal And Technical?


Cyber hack


The Updation 

The users who want to update their iPhone can go to Settings>General>softwareUpdate and then download an update available.

For Mac users, the update is available in the preferences.

The customers using Apple watches can update it through the Apple Watch app available on the iPhone. For the watch, go to General>Software Update. 


What is NSO Group Technologies

NSO stands for Niv, Shalev, and Omri, the names of the founders of the company. It is an Israeli technology firm known for its zero-click surveillance of smartphones.

On this matter, an NSO spokesperson, in an emailed statement, said, “NSO group will continue to provide intelligence and law enforcement agencies around the world with life-saving technologies to fight terror and crime.”


Statement from the Citizen Lab

On claiming the NSO group for this hack, they said in an email statement,  “Citizen lab discovered attack code belonging to the NSO Group, which was established based on naming conventions and the behavior of the software.”


cyber hack


Statement from Apple

Ivan Kristch, Apple’s head of Security Engineering and Architecture, in an email statement, said “Attacks like the ones are highly sophisticated, cost millions of dollars to develop, often have a short shelf life, and are used to target specific individuals.”

Ivan also thanked Citizen Lab for alerting the company to the exploit.


Earlier this month, Apple developed a system to detect child pornography on its phones after the critics said that it could undermine the privacy of the iPhone. Apple has fixed many iPhone bugs. Many of them were exploited by cyber attackers. The zero-click is the rarest and the most dangerous software for one’s privacy. Although, the immediate decisions by the company will make sure to save the user. 


We at OpenGrowth, are committed to keeping you updated with the best content on the latest trendy topics from any major field. Also, both your feedback and suggestions are valuable to us. So, do share them in the comment section below.


*Note: The content published above was made in collaboration with our members.

About the author:

KAJAL THARWANI, OpenGrowth Content Team

An explorer who takes risks and learns from her mistakes. An aspirational content writer, studying social work. Kajal loves trying her hands in different crafts.

Post Your Comment
Eric Cole

Losing money in the form of lost bitcoin is very easy these days and has also become quite common, a slight mistake is all it takes and we are actually all prone to making mistakes. Money lost to investment portfolios can definitely be recovered with the help of an expert. I was able to get my lost coin recovered recently with the help of ‘( HACKSTARS101 @ WORKMAIL . COM) He’s professional and I recommend him to anyone who may need help recovering lost funds as well.

2022-01-11 22:05:41

You may also like