Apple Fixed 'BLASTPASS' iOS Bug, Which Allowed The Pegasus Malware To Sneak In


Apple publicly released iOS 16.6.1, which is rather big in size, but brings no new features.

But behind the seemingly minor update resides one big patch that protects the mobile operating system against an exploit chain capable of compromising devices with the notorious and highly effective Pegasus malware.

The exploit was first discovered on an iPhone owned by a person employed by a Washington DC-based civil society organization.

Toronto's Citizen Lab said that the exploit involves PassKit containing "malicious images sent from an attacker iMessage account to the victim."

Citizen Lab disclosed their findings to Apple, which then promptly issued CVE-2023-41064 and CVE-2023-41061 for the exploit chain.

The iOS 16.6.1 patch fixes the issue, and Citizen Lab confirmed that.

Citizen Lab, a group of researchers that investigates government malware, wrote in a website post that the zero-click exploit on iOS "was capable of compromising iPhones running the latest version of iOS (16.6) without any interaction from the victim."

The researchers refer to the exploit chain as "BLASTPASS."

"We urge everyone to immediately update their devices," the researchers said.

It's worth noting that Apple's own Lockdown Mode is able to block this kind of attack.

"We encourage everyone who may face increased risk because of who they are or what they do to enable Lockdown Mode," the researchers said. "We believe, and Apple’s Security Engineering and Architecture team has confirmed to us, that Lockdown Mode blocks this particular attack."

Apple's Lockdown Mode is an extreme protection that’s designed for the very few individuals who, because of who they are or what they do, might be personally targeted by some of the most sophisticated digital threats.

The feature is turned off by default and is optional, since most people are never targeted by attacks of this nature.

When Lockdown Mode is enabled, the user's device won't function the way it typically does. This is because the feature reduces the attack surface that could potentially be exploited by highly targeted mercenary spyware, certain apps, and websites. With the feature turned on, phone usage can be strictly limited for the sake of security, and some experiences might not be available at all.


NSO Pegasus

Pegasus is spyware developed by the Israeli company NSO Group.

The malware is specifically designed to siphon data covertly. Because it requires no user interaction, the malware can be remotely installed, and victims will never know about it.

NSO Group markets Pegasus as a product to "combat terror and crime." However, it has been revealed in the past that its clients include governments around the world that bought the malware to conduct espionage on journalists, lawyers, political dissidents, and human rights activists.

While the capabilities of Pegasus vary over time due to software updates, its main purpose is to read text messages, eavesdrop on calls, collect passwords, track location, access the compromised device's microphone and camera, and harvest information from installed apps.

The spyware was first developed back in 2011.


Published: 08/09/2023