Here, from Apple, are the instructions on how to find the latest updates and install them. If Mansoor had clicked on that link, his phone would have been jailbroken on the spot.
Advertisement
Mansoor sent the message to Bill Marczak, a researcher at digital rights watchdog Citizen Lab, asking for him to investigate.
Both reports suggested it was an Israeli firm called NSO Group which was the source of the spyware. And NSO Group has allegedly used fake domains, impersonating sites such as the International Committee for the Red Cross, the British government’s visa application processing website, and a wide range of news organizations and major technology companies in its operations.
“The threat actor has never been caught before”, Mike Murray, a researcher with Lookout, told the Associated Press. The hackers behind the attack on Mansoor are well-financed-perhaps backed by the United Arab Emirates-and are likely to concentrate on high-value targets like, say, anyone but you. The group brought on mobile security company Lookout, and the two were able to uncover NSO Group’s software. Two weeks ago the human rights activist, received two odd text messages with links to websites.
“We were made aware of this vulnerability and immediately fixed it with iOS 9.3.5”, Apple said in a statement. They traced the previously unknown spyware back to an Israeli-based company called the NSO Group.
If you own an iPhone, update it right now even as you read this article because it can be hacked using three zero-days.
If you are anxious that you could be affected by this vulnerability, the best thing to do is download the latest version of iOS to protect yourself against potential security exploits.
Advertisement
“The fact that this particular exploit took advantage of three vulnerabilities to accomplish complete control shows how advanced and committed the authors are”, said Travis Smith, Senior Security Research Engineer at Tripwire. For users running the beta of iOS 10, the latest seed also patches the exploits.
