We’ve known about one of the most devastating iPhone exploits for a while: ForcedEntry. It is the way the well-known Pegasus malware sneaks in to spy on political dissidents, government officials or journalists. Now Google Project Zero has been able to analyze this exploit in more detail: “one of the most technically sophisticated feats we have ever seen”.
An exploit that only iOS 15.2 protects us from
First the good news: if we update our iPhone to iOS 15.2, we are safe from this exploit, as the security updates released by Apple for this update clearly show. The other good news, before we go any further, is that this software is not aimed at us unless we hold a high civil service post or are a high-profile journalist or political dissident, to name a few.
Pegasus, which uses the ForcedEntry exploit to sneak into an iPhone, is worth thousands of dollars and is only sold to states as a counterterrorism tool. To be more accurate, we should say “it has been sold”, because the company behind these attacks, the NSO Group, is on the verge of bankruptcy after its commercial exclusion by the United States and the Apple lawsuit.
In terms of security, there are two maxims that we must keep in mind: “Always keep our devices up to date” and “There is no such thing as a 100% secure system”. The second one applies here: Google Project Zero states that it is “one of the most technically sophisticated exploits that we have ever seen, and that it is at the level of spy attacks from the most advanced nation-states”.
An attack on a par with those of the spies of the most advanced nation-states.
In its latest version, this exploit didn’t even require a click. It took advantage of the way iMessage interprets GIF files to open a malicious PDF, using a compression tool that processes text for optical character recognition, which the malware uses to sneak in. This explanation alone, without going into technical details, gives us an idea of the complexity of this attack.
Once entry is gained, a sort of virtual machine is created that isolates itself from external servers to avoid being detected when accessing the content of the device. In short, a nightmare for people whose privacy is essential to maintaining their own security.
“You can’t make a back door just for the good guys”
Fortunately, Apple was able to patch the systems and shut the door on this kind of attack. For all time? Well, as we said, there is no such thing as a 100% secure system; in any case, it will depend on the determination and resources of the attackers. For now, given the financial situation of the NSO Group, we can rest easy, but the truth is that security must continue to evolve to protect us.
Tim Cook already said it a few months ago: “You can’t make a back door just for the good guys”. If we see these kinds of attacks even without artificially weakening the system, it should be clear that we must move towards more security, not less. To that end, Apple is starting to notify the owners of the affected phones so that they can take the necessary measures.
As our phones increasingly become the center of our entire lives, attacks on the information they contain become increasingly sophisticated and the protections against them evolve. For now iOS 15.2 is a guarantee, but we will keep watching.