Employees of the Citizen Lab at the University of Toronto have found a vulnerability in the latest version of iOS, which allows the installation of spyware Pegasus by Israeli company NSO Group without the user’s knowledge. This is reported on Thursday, September 7, on the laboratory’s website.
“The exploit included PassKit attachments containing malicious images sent to the victim from the attacker’s iMessage account,” the lab said in a statement.
According to senior researcher Bill Marchak, the vulnerability was discovered due to an attacker’s mistake during software installation. The vulnerability has already been reported to Apple.