'Pegasus' iOS malware package also found to impact OS X, Apple issues patch

Posted in macOS, edited September 2016
Apple in a patch last week blocked a particularly nasty malware package called "Pegasus" from infiltrating iOS devices, and the company is now doing the same for its OS X desktop operating system.




Apple on Thursday issued security updates for OS X 10.10 Yosemite, OS X 10.11 El Capitan and Safari to address a vulnerability that potentially allows nefarious agents to take over a target device with a single click.

Dubbed "Pegasus," the assault package leverages three zero-day vulnerabilities to remotely jailbreak and install a suite of monitoring software onto a victim's device. One of the key tools in the process is an exploit that takes advantage of a memory corruption flaw in Safari WebKit. The vulnerability allows attackers to deliver the malware payload when a target clicks on a link leading to a malicious webpage.

Once installed, Pegasus exploits kernel flaws to upgrade privileges, allowing attackers to intercept text messages, pilfer emails, access contacts and steal information from a variety of third-party apps including Gmail, Facebook, Skype, WhatsApp, WeChat and more.

Apple patched the vulnerability last week when it released iOS 9.3.5.

It appears the same WebKit and kernel vulnerabilities that enable Pegasus to effectively infiltrate iOS devices also exist in OS X. To combat potential exposure, Apple issued a combined security update for OS X Yosemite and El Capitan, as well as a standalone fix for the Safari web browser. The combined OS X update includes the Safari patch.

Pegasus was discovered by Citizen Lab and Lookout after a human rights activist was sent a link leading to a malicious webpage bearing the jailbreak and remote monitoring tools. An investigation into the malware revealed NSO, an Israeli-based organization owned by U.S. company Francisco Partners Management, likely crafted Pegasus to further its "cyber war" line of products.

Mac users are urged to download the security updates via the Mac App Store.

Comments

  • Reply 1 of 14
    I would assume that, just like with iOS 10, the latest Sierra beta already patched this.
  • Reply 2 of 14
    I would assume that, just like with iOS 10, the latest Sierra beta already patched this.

    You know what they say when you assume.... "If it's based on the facts and accurate information from a similar situation and then extrapolated to the current situation, then there's a good chance you will be right." ;)


    Of course there's also the chance it wasn't already patched in the Sierra beta in which case I would hope it will be in the next beta release. 
  • Reply 3 of 14
    linkman Posts: 1,035 member
    Installed the OS X update today. Took less than 2 minutes. The iOS update last week took about 10 minutes and required a reboot. I wish that iOS were a little "smarter" about how updates are done.
  • Reply 4 of 14
    linkman said:
    Installed the OS X update today. Took less than 2 minutes. The iOS update last week took about 10 minutes and required a reboot. I wish that iOS were a little "smarter" about how updates are done.
    iOS 10 should run things like startup and updates faster, I've noticed performance boosts with it on an A7-class device.
  • Reply 5 of 14
    Soli Posts: 10,035 member
    I was surprised we didn't get a macOS patch the same day as iOS since they use the same kernel.
  • Reply 6 of 14
    linkman said:
    Installed the OS X update today. Took less than 2 minutes. The iOS update last week took about 10 minutes and required a reboot. I wish that iOS were a little "smarter" about how updates are done.
    My OS X update took about 4 minutes and required a reboot. What's your point....6-8 minutes?
  • Reply 7 of 14
    This forum used to mock Windows users for these types of exploits. And it still does when security issues are found on Android devices. But we praise Apple for the 2 (or 8) minutes it took to update our Macs. 3 zero day exploits were found by an Israeli company? How many have China and Iran found that still are not fixed. Apple needs to pick up the pace on security!
    dasanman69
  • Reply 8 of 14
    bulk001 said:
    This forum used to mock Windows users for these types of exploits. And it still does when security issues are found on Android devices. But we praise Apple for the 2 (or 8) minutes it took to update our Macs. 3 zero day exploits were found by an Israeli company? How many have China and Iran found that still are not fixed. Apple needs to pick up the pace on security!
    I'm not sure what you're trying to say here.  It sounds like you expect Apple to never have any security vulnerabilities at all.  When has that ever been held up as a standard?
  • Reply 9 of 14
    steveh Posts: 480 member
    linkman said:
    Installed the OS X update today. Took less than 2 minutes. The iOS update last week took about 10 minutes and required a reboot. I wish that iOS were a little "smarter" about how updates are done.
    The OS X update yesterday required a reboot on all three Macs we updated here today.
  • Reply 10 of 14
    I did the update on a mid-2015 mbp retina and on the restart the fans are at a high speed and none of my applications are available, the applications folder is empty except for some folders and few of my document folders are available but empty. I can't even start activity monitor as it is not found. Rebooted and same thing. Anyone else experiencing this? I'm going to leave it running. Hopefully it is rebuilding the file lists and access - the system info on the Mac Ssd does indicate the expected usage, about 25% free of 1 tb.
  • Reply 11 of 14
    bulk001 said:
    This forum used to mock Windows users for these types of exploits. And it still does when security issues are found on Android devices. But we praise Apple for the 2 (or 8) minutes it took to update our Macs. 3 zero day exploits were found by an Israeli company? How many have China and Iran found that still are not fixed. Apple needs to pick up the pace on security!
    I'm not sure what you're trying to say here.  It sounds like you expect Apple to never have any security vulnerabilities at all.  When has that ever been held up as a standard?
    What I'm trying to say here is this forum used to mock Windows users for these types of exploits. And it still does when security issues are found on Android devices. But we praise Apple for the 2 (or 8) minutes it took to update our Macs. 3 zero day exploits were found by an Israeli company? How many have China and Iran found that still are not fixed. Apple needs to pick up the pace on security!

    It is pretty straightforward to understand. Unless you don't understand English or are IQ challenged.
  • Reply 12 of 14
    appex Posts: 687 member
    Is there a way to downgrade Mac OS X to a previous version if something goes wrong with a particular update, without losing personal data and in the ABSENCE of recent Time Machine or other backup?
  • Reply 13 of 14
    It ended up that an OS X reinstall didn't fix it completely so time machine to the rescue. Update Install then worked ok.
  • Reply 14 of 14
    badmonk Posts: 1,285 member
    Mar1o said:
    I did the update on a mid-2015 mbp retina and on the restart the fans are at a high speed and none of my applications are available, the applications folder is empty except for some folders and few of my document folders are available but empty. I can't even start activity monitor as it is not found. Rebooted and same thing. Anyone else experiencing this? I'm going to leave it running. Hopefully it is rebuilding the file lists and access - the system info on the Mac Ssd does indicate the expected usage, about 25% free of 1 tb.
    Could it be that you were in the process of being attacked by malware or ransomware?

    I was recently attacked by ransomware on my MacPro and the first thing I noticed was the moving of files, in that they were no longer available to move by dragging icons.