Do you still remember NSO Group? It is an Israeli firm which works with the government agencies to assist with criminal investigations. This time the security firm is targetting Apple. The Israeli firm has developed a surveillance tool called “Pegasus”. This tool can collect all the data from the device storage and also it is able to communicate with the connected cloud such as iCloud.
Through the Pegasus software, government agencies can have complete access to a criminal or terrorist phone. The vulnerability exists to Google Android phones too. Even the terrorist communicates over “encrypted and secure” connections, the government agencies can access to their phone data.
With the release of the latest version of Pegasus, the software now able to capture and clone your iCloud. This is done by cloning the authentication token which iCloud uses. Then it will pretend to be the user is requesting access to the iCloud and once the access is given, it will download all the data are inside the iCloud server.
Moreover, the software also able to access the targeted user Facebook and download their location history. According to the Financial Times, the software is able to access your device silently without requiring two-factor login prompts. Usually, each time you sign in into your iCloud account, there will be a two-factor authentication and also an email will be sent out to your email. However, this software blocks everything easily.
In conclusion, as long as you are not being targetted by law enforcement agencies, you might not have to worry about it. However, a terrorist and criminals have to worry a lot about it actually.