Apple released a security fix to patch a flaw in iPads and iPhones. Security researchers found that a user’s phone in the United Arab Emirates had been hacked with spyware using a previously unknown method.
The security firm Lookout and Citizen Lab issued a warning that iOS devices could be hacked in such a manner that the device would be completely under the control of a third party.
The spyware could exploit the vulnerabilities of the device to such an extent that the device’s location could be tracked; its contacts, texts, calls, and emails read; and even its microphone turned on.
The Spyware – How It Works
The phone that was attacked with the spyware was that of Ahmed Mansoor, a human rights activist.
A text message urged the dissident to click on a web link.
However, he did not click the link but instead forwarded the message to a bunch of researchers at the Citizen Lab at the University of Toronto.
After due research, the security experts said that the spyware operated thus: the user would be prompted by a text message, and following its link would open the browser and load a page.
It would then exploit the device and install resident software that would gather more information silently.
The spyware would then be able to snoop on the device, recording the WhatsApp and Viber calls and tracking the owner’s movements.
The user of the phone would have no knowledge whatsoever that the device had been compromised by the spyware.
Apple has since released a security fix, iOS 9.3.5, to patch these flaws.
The update is available for iPad 2 and later devices, iPhone 4s and newer phones, and iPad 5th generation devices.
The fix is available as a software update on the devices or can be installed via iTunes from a connected PC or Mac.
This hack was the first instance of spyware that could remotely and completely take over an iPhone 6.
The company spokesperson, Fred Sainz, said that the security fix was issued after the researchers contacted the company.
The patch was issued as an automatic update for iPhone 6 owners.
iPhone users were asked to download and install the latest iOS version to protect themselves against the vulnerabilities used by the spyware.
The spyware was attributed to the NSO Group, an Israeli firm that makes software.
Its clients were mainly governments that used the software to gather information from mobile phones. Remote-exploit spyware such as this would cost about 1 million dollars, security experts opined.
However, when NSO was contacted, company spokesperson Zamir Dahbash said that the company could not answer questions about specific cases like this one.
He added, however, that the company’s clients are mainly governments and that the products are therefore used only within the limits of the law.
They are used to gather information that would help to prevent and investigate crimes. There was also no response to the query as to whether sales to the affected countries would end.
NSO maintains a low profile, and stories were making the rounds that it was looking for someone to buy the company for about 1 billion dollars.
Sarah McKune, senior legal adviser of the Citizen Lab, also opined that Israel has always tried to follow the stipulations set down by the Wassenaar Agreement, which controls the international sale of technology for chemical and nuclear weapons and cyber-intrusion tools.
Citizen Lab did not directly accuse the UAE of carrying out the attack on its dissident using NSO spyware; however, it did mention that many attacks on critics of the current regime in many countries were connected to their respective governments.
There have been reports of a Kenyan minority party politician as well as a Mexican journalist whose phones were hacked using spyware.
They also said that domain names marked for future attacks included ones in countries such as Saudi Arabia, Thailand, and Uzbekistan, which suggested that some of the targets lived in these countries.
Two companies whose products have been exposed by researchers or hackers are Gamma Group and Hacking Team of Italy.
According to Citizen Lab, the dissident had earlier been the target of intrusion tools from both of these companies.
The Mansoor episode is a singular case in which the spyware intrusion has been serial in nature.