ISLAMABAD: The Cabinet Division has issued a cyber security advisory while saying that Apple iPhones were targeted with Blast Pass Exploit to deploy Pegasus spyware.
The advisory noted that reportedly, Apple iPhone users are being targeted by NSO Group’s nefarious spyware i.e. Pegasus. The exploitation process is instigated through iMessage feature (CVE-2023-41061 and CVE-2023-41064) for deployment of Blast Pass (zero day and zero click malware).
Blast Pass is capable of infecting OS latest versions (16.6) without user interaction. In this regard, Apple has issued remedial advisory for iPhone users. Apple has also generated alerts to inform its users for being targeted by NSO Pegasus spyware or likely targeted by state-sponsored attackers. Apple users are urged to follow safety steps mentioned at para-3 to prevent against Blast Pass Pegasus exploit and other prevalent cyber-attacks.
Specific Safety Steps to Blast Pass Exploit include; a. Immediately upgrade to iOS latest version (16.6.1 or above) which covers majority of security updates related to ongoing attacks; b. Enable lockdown mode (optional; extreme protection mode) to block Blast Pass attack; c. Disable iMessage feature available in iPhones.