NSO Group’s Pegasus spyware is among the most alarming privacy threats facing iPhone users. It can take complete control of your device without any user action, accessing virtually all personal data stored on it. Some variants are even capable of activating cameras and microphones.
Pegasus takes advantage of zero-day vulnerabilities—security flaws that Apple is unaware of. However, the tech giant has a strategy to combat this issue…
Apple’s Efforts to Identify Pegasus Spyware
The iOS operating system includes embedded code that aims to detect spyware intrusions on iPhones, even in cases where Apple has no knowledge of the specific exploit.
When a potential infection is detected, Apple notifies users it suspects may have encountered the spyware, while simultaneously investigating the security flaw that was exploited. For instance, last summer, Apple issued warnings to iPhone users in nearly 100 countries.
Apple has informed a considerable number of iPhone users across 98 countries about possible targeting by “mercenary spyware attacks” which could jeopardize virtually all personal data on their devices.
Although the company cannot guarantee absolute certainty in its assessments, it expresses a high level of confidence in its findings, encouraging recipients to take the security alerts seriously.
There are numerous other instances:
Only Half of Infected Devices Currently Detected
Recent reports indicate that Apple is currently identifying only about half of the devices that have been infected.
This data originates from the mobile security firm iVerify, which introduced a $1 app last year that enables users to scan their devices and then submit the results for analysis. The one-time payment allows for one monthly scan.
The results from these scans provided the information necessary for the company to assess the prevalence of Pegasus infections and determine how many of those identified as infected had received notifications from Apple.
Following extensive media coverage, 18,000 additional individuals downloaded our iVerify Basic application and completed scans of their devices, resulting in the discovery of 11 new Pegasus cases just in December.
This increase in detections has lowered our overall incidence rate to approximately 1.5 Pegasus detections per 1,000 scans; however, the larger dataset enhances our confidence that this figure is closer to the actual incidence rate, enabling us to draw potentially more significant insights.
For instance, we observe indications that mobile compromises extend beyond high-value targets such as politicians and activists, apparently affecting a wide range of individuals across various sectors. The newly confirmed detections involve known Pegasus variants from 2021 to 2023, including cases against users in the government, financial, logistics, and real estate sectors. Many were subjected to multiple variants and monitored for extended periods.
Moreover, in about half of the situations, targets did not receive Threat Notifications from Apple. These users would have remained unaware of their devices being compromised had they not utilized iVerify.
iVerify emphasizes that it was meticulous in counting only those phones it was completely certain were infected.
Photo by Dmitry Ratushny on Unsplash
