Apple releases emergency OS updates due to spyware flaws


Level 12
Thread author
Top poster
Aug 2, 2020
Apple's devices are prey to a zero-click security flaw, which could have been exploitable since February this year or earlier. This is the first time we have seen a vulnerability so severe and that has affected Apple Mac, iPhone, iPad and Watch users alike. There is a very high probability that the zero-day, zero-click exploit was developed by Tel Aviv-based NSO Group, most famous for the Pegasus iPhone surveillance (spyware) software.

Canada's The Citizen Lab is credited with catching out this flaw, reference CVE-2021-30860, in the wild. Citizen Lab researchers were analysing a phone owned by a Saudi activist, a device which was infected with NSO Group's Pegasus spyware, and discovered "a zero-day zero-click exploit against iMessage". The exploit, dubbed 'ForcedEntry' by the researchers, used an attack vector open in Apple's image rendering library – worryingly it is/was effective as an exploit across all Apple's major devices; Apple iOS, MacOS and WatchOS devices.
The Citizen Lab comments on CVE-2021-30860 being the "latest in a string of zero-click exploits linked to NSO Group". In its conclusions about the discovery of 'ForcedEntry', it criticizes the NSO Group for "Selling technology to governments that will use the technology recklessly in violation of international human rights law". It goes on to make a point that once this "mercenary spyware" tech is being used by such governments it facilitates the spread to other parties, which is characterised as a "harmful marketplace" in need of regulation. The Citizen Lab ends by warning that popular chat apps will likely continue to be "an irresistible soft target," for hackers.

I just updated my iPad Air 2 with the patch (via the built-in update settings), it was 'only' about 350MB but took quite a long time preparing to install and to complete the process. Please be patient and not be tempted to interrupt/restart the update.


Level 62
Top poster
Content Creator
Apr 24, 2016
Zeus app detects Pegasus:
Pegasus is unlikely to be used for mass surveillance, as the cost per monitored person is simply too high. Nevertheless, some users might be interested in the question of whether their own devices might have been infected at some point. In the German article Analyse-Tool gegen die Pegasus-Spyware aus der Schweiz, I had briefly reported that developers of the Swiss company DigiDNA integrated Amnesty International’s MVT tool (used to detect Pegasus) into their own tool iMazing. This makes it easier to scan iPhones for infestation by the Pegasus spyware.

Now I’ve received a tip about another tool from its developer. Softorino has been developing management software for iOS for years and has seized the opportunity to develop a free app called Zeus. This app were named after the Greek god Zeus, who defeated Pegasus with his thunderbolt. The Zeus app is a standalone, secure application (currently only for Windows) that allows users to check their iPhones for signs of NSO’s Pegasus spyware. A quick guide to using the software on Windows can be found here, and the software can be downloaded here.