iPhone spyware developed by the NSO has exposed “major” security problems with Apple’s iMessage.
Various reports, including those by Amnesty International and Citizen Lab, reveal “zero-click” attacks on a iPhone 12 Pro Max, running iOS 14.6.
“That’s a recipe for disaster,” Bill Marczak, researcher at Citizen Lab, told Forbes. “Apple should consider implementing something similar to what Twitter or Facebook have for their DMs, where messages from strangers are somewhat hidden, and filtered into a separate pane by default.
“If Apple doesn’t nip this in the bud, these sorts of zero-click iMessage attacks will inevitably proliferate to less sophisticated hackers, such as cybercriminals.”
Apple has denied the reports.
“Apple unequivocally condemns cyberattacks against journalists, human rights activists and others seeking to make the world a better place. For over a decade, Apple has led the industry in security innovation and, as a result, security researchers agree iPhone is the safest, most secure consumer mobile device on the market,” a spokesperson for the company said.
“Attacks like the ones described are highly sophisticated, cost millions of dollars to develop, often have a short shelf life and are used to target specific individuals. While that means they are not a threat to the overwhelming majority of our users, we continue to work tirelessly to defend all our customers, and we are constantly adding new protections for their devices and data.”
