The Cabinet Division has issued a Cyber Security Advisory concerning potential zero-day attacks targeting Apple products.
Through analysis of the Shutdown.log file within the sysdiagnose archive, Kaspersky identified anomalies during device reboots associated with Pegasus. Entries in the log file indicated delays in reboots caused by persistent spyware processes. Additionally, a common infection path was observed in the log file, similar to other iOS malware families.
The advisory recommends several mitigation measures to safeguard against advanced spyware on iOS devices.
These include rebooting the device daily to disrupt potential attackers, enabling lockdown mode to block iOS malware, disabling iMessage and FaceTime to minimize exploitation vectors, exercising caution with suspicious links received via various communication channels, regularly checking backups and system diagnoses for signs of malware, ensuring the installation of the latest OS version and application updates, and utilizing Kaspersky’s self-check spyware detection tool available on GitHub.
The Cabinet Division has instructed federal and provincial ministries and divisions to disseminate this information throughout their organizations, attached/affiliated departments, and to ensure the implementation of necessary protective measures.