Acanthus Security Blog
ALERT: Update Your iPhone, iPad, Apple Watch, and Mac NOW.
If you use almost any Apple products, you’ll want to check for and apply an update that will prevent your devices from being spied on. Apple has just issued an emergency software update for a critical vulnerability that was recently discovered.
The new updates were pushed out on Monday, September 13th, 2021, and include a major security fix for the Apple iPhone, Apple iPad, Apple Watch, and Apple Mac computers and laptops.
The vulnerability is a very serious one known as a “zero click remote exploit.” It allows invasive spyware to infect any of these devices without any sort of end-user action. Whereas the majority of malware requires the user to download something, click on a fraudulent link, join an unsecure network, or hand over a password, this new breed of malware can infect most Apple devices without a single click.
Security researchers have traced the spyware back to Israel’s NSO Group, a technology firm that develops remote surveillance spyware. The spyware, called Pegasus, can be deployed to any Apple iPhone, iPad, Apple Watch, or Mac without the user being aware of it, and can allow both governments or criminals to turn on your camera and microphone, record messages, texts, emails, and calls, even if you are using encrypted services. It’s essentially giving the cybercriminal full control over your device without you knowing it.
How to Check If You’ve Been Infected by the Pegasus Zero-Click Spyware
Here’s the worst part—you’ll never know if you have this on your phone or device. If the spyware is on your device, it’s virtually invisible to you. You won’t see the typical tell-tale signs of an infection, such as strange text messages, suspicious links, or any other notification. It’s simply there, possibly running at any given moment, recording what you are doing and sending everything to NSO Group and their clients.
If that’s not bad enough, security researchers believe that this spyware has been around since at least March of 2021, and with more than 1.65 billion Apple products on the market today… Let's just say we should all be taking this very seriously.
Update Your Apple Devices Right Now: Here’s How to Do It
Apple iPhone and iPad
Before you update, back up your device using iCloud or your computer.
- Plug your device into power and make sure you are connected to the Internet with Wi-Fi.
- Go to Settings > General, then tap Software Update.
- Tap Install Now. If you see Download and Install instead, tap it to download the update, enter your passcode, then tap Install Now.
Apple macOS on a Mac Computer
- Go to the Apple menu in the corner of your screen. Choose System Preferences.
- Click Software Update.
- Click Update Now or Upgrade Now.
- Repeat this process in case further updates are available.
For more information, check out Apple’s Update documentation.
Connect your Apple Watch to Wi-Fi. Ensure that your watch is at least 50% charged, or plug it in to power. You’ll want to make sure your iPhone is running the latest version of iOS.
- On your iPhone, open the Watch app and tap My Watch.
- Tap General > Software Update.
- Download the update.
- Wait for the progress wheel to appear on your Apple Watch. It could take several minutes to an hour for the update to finish.
For more information, check out Apple’s Watch Update Guide.
Update Your Apple Device NOW
We can’t stress this enough. This update is incredibly important to protect your privacy, as there is no telling if you actually already have this spyware on your Apple device. It’s likely that more news will come of this over the next few days, but for now, be sure to check for updates on your iPhone, iPad, Apple Watch, and Mac and make sure you are running the latest version.
If you have questions or need help, don’t hesitate to give Acanthus Security a call at (312) 300-4207.