Pegasus spyware from Israeli company NSO Group is one of the most terrifying privacy threats an iPhone owner can face. Pegasus uses zero-day vulnerabilities to gain access to almost all personal data stored on Apple smartphones, track the owner’s activities, and in some cases even activate the device’s camera and microphone.
Image source: unsplash.com
Pegasus infiltrates devices using zero-click exploit chains (those that do not require user interaction) that bypass the iPhone’s security features. When hacked using these methods, the user does not even need to click on a malicious link for Pegasus to infiltrate the device.
Apple, for its part, is committed to detecting spyware — iOS includes heuristic code to detect iPhone hacking, even if the hacking method is not yet known to Apple. When suspicious activity is detected, the company notifies owners of potentially spyware-infected devices and simultaneously begins work to identify the exploitable security vulnerability.
Apple notes that it can never be 100% certain of its findings, but nonetheless urges recipients of the messages to take the warning seriously. Last year, the company notified a significant number of iPhone users in 98 countries that they had apparently been subjected to spyware attacks that could compromise almost all personal data on their devices.
Newly obtained data suggests that Apple is currently detecting only about half of infected devices. The information comes from mobile security company iVerify, which last year released an app that scans Apple phones and sends the results for analysis. A one-time fee of $1 allows for one scan per month. The data collected allowed the company to estimate the prevalence of Pegasus spyware, as well as what percentage of infected iPhone owners received notifications from Apple.
Image source: iVerify
«“Following widespread press coverage, an additional 18,000 people downloaded our iVerify Basic app and scanned their devices, and as a result, we detected 11 new cases of Pegasus in December alone. [This lowers] our global rate to about 1.5 Pegasus detections per 1,000 scans; however, the larger sample size increases our confidence that this figure represents something closer to the true incidence rate and allows us to draw potentially more interesting conclusions,” an iVerify spokesperson said.
IVerify noted that mobile hacking has long since moved beyond targets like politicians and activists, and indeed appears to be impacting a broad cross-section of society. New confirmed detections, including known Pegasus variants from 2021 to 2023, show attacks on users in government, finance, logistics, and real estate. Many iPhones have been infected with multiple malware variants and have been tracked for years.
According to iVerify’s calculations, in about half of the cases, owners of compromised devices did not receive threat notifications from Apple. An iVerify representative emphasized that the company made every effort and only included phones that it was 100% sure were infected.