The researchers say that Apple was informed about this trio of vulnerabilities more than a week ago, leading to the release of iOS security update 9.3.5 yesterday. The vulnerability was identified by researchers at the University of Toronto’s Citizen Lab after Ahmed Mansoor, a human rights activist and United Arab Emirates dissident, was targeted using the attack. Working with a U.S. mobile security company, researchers there identified it as an exploit connected to NSO Group, an Israeli company best known for selling a government-exclusive “lawful intercept” spyware product called Pegasus.
Advertisement
Although Apple has rolled out iOS 9.3.5 when iOS 10 is coming in another few days, the rollout is quite important and recommended for all users. The next day he got another, this time with a link promising information on detainees in UAE jails.
Apple fixed the issue nearly 10 days after receiving a tip from two researchers, namely Bill Marczak and John Scott Railton, at Citizen Lab at the University of Toronto’s Munk School of Global Affairs, and Lookout, a San Francisco mobile security company.
Bill Marczak of Citizen Lab told reporters that the exploits have probably existed since before last month’s release of iOS 9.3.3. By clicking on the text link, Mansoor would have unwittingly installed the malware and allowed the sender full access to his communications.
In a statement released Thursday, which stopped short of acknowledging that the spyware was its own, the NSO Group said its mission was to provide “authorized governments with technology that helps them combat terror and crime.”
The combination of the vulnerabilities, together known as “Trident”, gives the attacker access to an iPhone’s camera, microphone and location.
While these zero-day flaws are not uncommon in iOS, an Apple spokesperson urges users to upgrade immediately. The camera, the microphone, Global Positioning System and third-party apps like WhatsApp and Viber, are also endangered because of the malware.
Advertisement
NSO Group denied any knowledge of this specific hack.
