The researchers believe the spyware was created by NSO Group – an Israeli company who sells its software to governments. According to news reports, an Emirati human rights activist named Ahmed Mansoor’s iPhone was hacked using one of the three zero-days an.
Advertisement
iOS 9.3.5 addresses a major security flaw that allows hackers to access targeted iPhones via spyware, the Associated Press reported.
Mansoor is a prominent United Arab Emirates dissident. Lookout called it the most sophisticated spyware package it has seen, taking advantage of the combination of features only available on mobile devices such as voice communications, camera, email, messaging, GPS, passwords and contact lists.
How the hack was even detected is even more incredible: A human rights activist named Ahmed Mansoor, who has been a target of cyber-espionage in the past, received a unusual text message that resembled software breaches he’d dealt with in the past. As the security content shows, Apple has given credit to both Citizen Lab and Lookout for reporting the issue. The device would have also allowed remote server hacking, which would have given the intruder the ability to listen in on Viber and WhatsApp calls as well as track the movements of the device.
If Mr Mansoor had clicked the link, software would have covertly installed itself on his phone – and would have given the attacker secret access to his phone camera, microphone, Global Positioning System and messages.
A report from Citizen lab and Lookout Security has found several critical zero-day vulnerabilities in iOS 9 for the iPhone which have been reportedly deployed by governments to target activists and agitators.
Advertisement
“We advise all of our customers to always download the latest version of iOS to protect themselves against potential security exploits”. It said it had no knowledge of any particular incidents and would not comment further.
