Tech giant Apple has released an iOS update on Friday, containing the patch iOS 9.3.5., which protects the device from a malicious malware that may compromise privacy and security.
According to a report from TheNextWeb, the dreaded mobile spyware product, dubbed as Pegasus, can record sounds, collect passwords, read text messages, record calls and track users of infected softwares.
The virus is believed to have been created by an Israeli cyber-warfare company called NSO group, the report said, and was designed to attack high-value targets.
The group reportedly exploited the three known security vulnerabilities of the previous iOS 9.3.4, known as Trident, to be able to hijack an iPhone or IPad with a single click.
Meanwhile, Mike Murray, the vice president of Security Research and Response at the cyber-security firm Lookout, gave an explanation on the potential threat that the breach poses.
“The Trident vulnerability chain is the first that anyone’s seen of a one-click remote jailbreak of an Apple device. It’s the smoking gun active mobile threat that we’ve always known existed but didn’t have proof of,” he was quoted as saying in the report.
“This demonstrates that highly resourced actors see the mobile platform as a fertile target for gathering information about targets and regularly exploit the mobile environment for this purpose,” he added.
The cyber-security expert also said that the vulnerabilities are now more than a month old and that it’s hard to gauge how widespread the damage is.
However, security researchers from the Citizen Lab and Lookout have continued to directly work with Apple to identify and push the emergency paths to pacify the vulnerabilities.
Three weeks ago, the 9.3.4 patch was believed to have been the final update before the release of iOS 10 next month, until the vulnerabilities were exposed.
Those who are currently still running an iOS 9.3.5 or older are heavily advised to update their device immediately to avoid potential threats.
The latest patch is available to all iOS devices, as of this writing. Khristian Ibarrola