Researcher Claims Apple Will Have to ‘Re-Write iMessage Codebase’ to Combat Pegasus Spyware

BY Sanuj Bhatia

Published 23 Jul 2021


About a week ago, the iPhones of thousands of journalists, human rights activists, and ministers were discovered to be bugged with Pegasus spyware. A report disclosed that the spyware had entered the victims’ iPhones by exploiting a zero-click vulnerability in iMessage on iOS 14. Now, a security researcher has said that Apple might even have to “re-write most of the iMessage codebase” in order to keep its users safe from spyware.

The Pegasus spyware, developed by Israel’s NSO, was said to be passing personal information, including emails, messages, call logs, and much more, to governments. In particular, it was reported that the iMessage app served as the doorway into victims’ iPhones. The report concluded that Pegasus can infect an iPhone when the device merely receives a particular text. The person doesn’t even need to open the Messages app.

Matthew Green, professor at Johns Hopkins University, says that Apple has to take ‘two steps’ in order to combat the spyware.

“Apple will have to re-write most of the iMessage codebase in some memory-safe language, along with many system libraries that handle data parsing. They’ll also need to widely deploy ARM mitigations like PAC and MTE in order to make exploitation harder […]

Apple already performs some remote telemetry to detect processes doing weird things. This kind of telemetry could be expanded as much as possible while not destroying user privacy.”

Another noted security researcher and iPhone jailbreaker, Will Strafach, has agreed with Matthew Green’s claims and has said that Apple isn’t doing enough to protect people’s iPhones.

“There is a lot that Apple could be doing in a very safe way to allow observation and imaging of iOS devices in order to catch this type of bad behavior, yet that does not seem to be treated as a priority. I am sure they have fair policy reasons for this, but it’s something I don’t agree with and would love to see changes in this thinking.”

On the other hand, Apple has stated that the Pegasus spyware “isn’t a threat” to most users. It says that these kinds of spyware are tough to build and have a short shelf life. But even if they are short-lived, is Apple doing enough?