San Francisco (AFP)
Apple said on Monday that it had fixed a computer flaw that the controversial Pegasus software, from Israeli company NSO, was able to exploit to infect branded devices without the user even clicking a trick link or button.
The flaw was spotted by Citizen Lab researchers, who discovered that a Saudi activist's iPhone had been infected via iMessage, Apple's messaging system.
According to this cybersecurity organization at the University of Toronto, Pegasus has been using this vulnerability "since at least February 2021".
"This exploit, which we called FORCEDENTRY, targets Apple's image rendering library, and worked against Apple iOS, MacOS and WatchOS devices," the operating systems of mobile phones, computers and smartwatches from the brand to Apple.
"Apple is aware of a report that this flaw may have been exploited," the tech giant noted in its update note released Monday.
Citizen Lab had played a key role in bringing the mass spy scandal to light via Pegasus in July.
According to information from a consortium of 17 media, in France, an issue of Emmanuel Macron, former Prime Minister Édouard Philippe and 14 members of the government appeared "in the list of issues selected by a security service of the 'Moroccan State, user of Pegasus spyware, for potential piracy ".
In all, according to Amnesty and Forbidden Stories, the case concerns a list of 50,000 phone numbers around the world selected since 2016 by NSO customers.
Pegasus allows "to buy his own NSA", the American intelligence agency, Ron Deibert, the director of Citizen Lab, had joked in July.
Apple did not immediately respond to an AFP solicitation.
© 2021 AFP