Apple is rolling out a global update to its iOS mobile operating system after a botched attempt to break into the iPhone of an Arab activist using spyware.
Advertisement
Citizen Lab was alerted to a problem when the human rights activist Ahmed Mansoor, from the United Arab emirates, began to receive unusual text messages containing links. He didn’t take the bait – but what happened next is alarming.
Bill Marczak of Citizen Lab told reporters that the exploits have probably existed since before last month’s release of iOS 9.3.3. “Mansoor’s unfortunate experiences are the gift that won’t stop giving”. They believe it was UAE security agencies that attempted to bug Mansoor’s iPhone.
Zero-day attacks are previously unknown software vulnerabilities that are already being exploited by hackers even before the software makers are made aware of them.
Researchers said Apple had been informed last week, enabling it to quickly develop a fix. Working with a USA mobile security company, researchers there identified it as an exploit connected to NSO Group, an Israeli company best known for selling a government-exclusive “lawful intercept” spyware product called Pegasus. While Mansoor was using an iPhone 6, the updated iOS will patch iPhones from the 4S upwards.
This week, Apple discovered that an Israeli company called NSO Group had been creating hacking software and selling it to foreign governments.
It is known to have participated in a similar attack on a Mexican journalist, who reported on corruption by Mexico’s head of state and an unknown target or targets in Kenya.
In their reports, Citizen Lab and Lookout identified an Israeli firm, NSO Group, as being behind the attack.
According to Citizen Lab, their discovery is unique in the world of jailbreakers selling vulnerabilities to the highest bidder, as it was used sparingly and only against high-value targets.
Apple released the iOS 9.3.5 security patch on Thursday and users can get the patch by going to Settings – General – Software Update and going through the normal software update process.
Advertisement
iPhone owners, you may want to update your phone immediately.
