The infamous Pegasus spyware has resurfaced on Apple devices. Apple is rolling out updates to iOS and macOS to close two vulnerabilities that allow the virus to enter.

Apple rolled out the patches for iOS, iPadOS, macOS and even watchOS last night and asks everyone not to keep the update for too long. Security researcher John Scott-Railton from the Canadian NGO Labs has disclosed two vulnerabilities via X that can be exploited to install the Pegasus virus. The vulnerabilities have now been registered as CVE-2023-41064 and CVE-2023-41061.

Both vulnerabilities work using a similar methodology. The attacker sends a malicious file or image containing the virus. But unlike the average phishing attack, the virus installs itself without the victim having to do anything. Apple is not disclosing any further details about the vulnerabilities in order to give its users time to implement the updates, but warns against possible active exploitation of them.

Below the radar

Pegasus is a form of spyware, a malware virus designed to be stealthy. The name regularly appears in news reports about large-scale espionage campaigns and has an infamous reputation in the security landscape. Spyware like Pegasus collects data about who is calling you and what you are doing on your smartphone and sends it to the perpetrator of the attack.

The likelihood that you, as an employee of an average Belgian SME, will come into contact with spyware is low, but never zero. The use of spyware is primarily associated with dictatorial regimes that want to keep an eye on opposition members or slightly overcritical journalists. But it actually occurs in Europe and even in our country. In June, spyware was discovered on the phones of several police officers and judges.

To actively combat Pegasus and other spyware, the European Union set up the Tech Lab this year. This independent institute must investigate which European governments are guilty of using spyware and provide victims with legal and technical support to protect themselves.

Apple has already managed to patch a total of thirteen zero days in 2023. Earlier this year, the iPhone maker expressed good intentions to roll out security patches more quickly when they are needed, and so far it has delivered on that promise. Despite this good work, the Chinese government now views the company’s products as an espionage threat, even if there are broader geopolitical motives behind it.