If you think iPhone is the safest smartphone out there, we’ve got something that’s going to burst this bubble of yours.
As reported by The Wall Street Journal, spyware relying on three previously unknown, or “zero-day,” flaws in Apple’s iOS mobile operating system made it possible for years for governments to take over victims’ phones by deceiving them into clicking on a link in a text message.
Lookout, a cybersecurity firm, and Citizen Lab at the University of Toronto’s Munk School of Global Affairs have shed some light on this discovery.
Mike Murray, vice president of security research at Lookout, said, “This is the most sophisticated bad actor we have ever seen targeting mobile phones out in the wild.”
The malware, which according to the researchers originated from an Israeli company called NSO Group that was bought by the U.S. private equity firm Francisco Partners in 2014, was used to target journalists and activists in some cases, according to Citizen Lab, a group focused on the intersection of technology and information security.
Apple released a fix for the problems on Thursday. The company said, “We advise all of our customers to always download the latest version of iOS to protect themselves against potential security exploits.”
A spokesman for NSO Group, Zamir Dahbash, stated that the mobile hacking software is only sold to governments. “The agreements signed with the company’s customers require that the company’s products only be used in a lawful manner. Specifically, the products may only be used for the prevention and investigation of crimes.”
The spyware first came into the spotlight after pro-democracy activist Ahmed Mansoor received two text messages promising “secrets” about prisoners tortured in United Arab Emirates jails.
Mansoor immediately became suspicious, and sent the message to Citizen Lab for verification. He says that he has been jailed for his activism and targeted with commercial malware in past incidents that researchers have linked to the UAE government.
“I’m a regular target for the authorities here,” he told The Post. “Every time they get new spyware, they seem to try it out on me.”
Citizen Lab found that if he had opened the message, the attackers could have taken over the device.
The UAE has not responded to a Post request for comment. NSO says that the malware used to target Mansoor, which is called Pegasus, is a tool which allows “remote and stealth monitoring and full data extraction from remote targets devices via untraceable commands.”
However, Citizen Lab contradicts this and says that it was traceable. The researchers were able to locate a network of sites hosting the malware; most used web addresses designed to trick users into thinking they were legitimate sites.
The malware itself suggests that it has been in use for years, according to the researchers. The risk to everyday users may have been minimal, as the NSO Group says it sells its spyware only to governments.
Although Apple did manage to get a security patch out, blocking the malware, it is sort of scary to see how easy it was for NSO to get into the iPhone and take full control of the device.
Moreover, Apple recently started a bug bounty program, which will pay $200,000 to researchers who find vulnerabilities in iOS.