The National Information Technology Development Agency (NITDA) has notified users of Apple devices to be wary of Pegasus, a spyware that allegedly spies and accesses users’ device information without their knowledge.
Hadiza Umar, head, corporate affairs and external relations of NITDA, made the disclosure in a statement issued in Abuja.
According to Umar, research conducted by the agency revealed that the zero-click exploit, which targets iMessaging, is used to illegally spy on iPhone Operating System (iOS) devices.
She noted that the attacker infects and exploits an Apple device without the victim’s knowledge or the need for the victim to carry out any action, adding that the released security updates for the newly discovered zero-day vulnerability affects every iPhone, iPad, Mac and Apple Watch.
The software, when deployed into a targeted device, turns on the camera and microphone to record messages, texts, emails and calls, even if sent via encrypted messaging apps, further Umar explained.
“Once the attacker has control of the device, the attacker compromises the user’s credentials, gains access to the entire infrastructure, identifies sensitive assets and moves laterally within the network,” she said.
Umar, who emphasised that iOS versions 14.4 and 14.6 were majorly affected, advised users to immediately update their iOS devices by downloading and installing their devices with latest patches iOS 14.8, which was available for free on Apple PlayStore.
NITDA’s statement follows an announcement by Apple which disclosed the launch of an emergency software update to protect users after a research discovered its products are vulnerable to attack from hackers without the user’s knowledge.