Over the weekend, a report from Amnesty International detailed targeted attacks on human rights activists, lawyers, and journalists using Apple’s iMessage system.
In a statement provided to the Washington Post, Apple defended its security practices and said it leads the industry in security innovation.
Amnesty International’s report detailed that the Israeli company NSO Group has sold several attacks known as ‘Pegasus’ over the years, adapting as Apple corrected each security flaw.
Amnesty International now believes the Pegasus spyware is taking advantage of an iMessage flaw affecting iPhone and iPad devices running iOS 14.6. The exploit also appears to work successfully on iPhones running iOS 14.3 and iOS 14.4.
Today’s Washington Post report includes a comment from Ivan Krstić, Apple’s head of Security Engineering and Architecture.
Krstić says that:
As Krstic points out, attacks such as those detailed by the Amnesty International report are incredibly sophisticated and not a threat to the “vast majority” of iPhone users. Despite this, of course, they pose a risk to those who are potential targets of these attacks.