Ahmed Mansoor, a human rights activist who became a target in an attempted hacking campaign by the UAE government. Pic: Martin Ennais Foundation
Apple issues security fix after hack attempt on UAE activist Ahmed Mansoor
A PARTICULARLY hazardous security flaw in iPhones and iPads has been fixed after a prominent United Arab Emirates (UAE) activist’s phone was targeted in an unprecedented hacking attempt, which could have potentially taken over the phone’s system.
Ahmed Mansoor, a human rights campaigner and recipient of the Martin Ennals Award, received text messages on his iPhone 6 on August 10 and 11, inviting him to click on a link that would reveal secrets about detainees undergoing torture in UAE jails.
Instead, he sent the messages to Citizen Lab researchers, who wrote that the links had come from an “exploit infrastructure” related to Israel-based “cyber war” company, NSO Group. This is the first time researchers have ever seen a targeted attack campaign of this nature.
@Ahmed_Mansoor got this SMS via #NSOGroup #spyware Translation: 'New secrets of UAE citizen torture in UAE jails' pic.twitter.com/1azXKuvFK0
— Hadi Hosn (@hadihosn) August 25, 2016
According to Citizen Lab, NSO sells a spyware product called ‘Pegasus’ – which is backed by the UAE government, and is considered a “lawful intercept” spyware product.
Had Mansoor unwittingly opened the link, the spyware would have exploited several vulnerabilities in the iPhone software to essentially jailbreak the mobile device to install itself.
“Once infected, Mansoor’s phone would have become a digital spy in his pocket,” said Citizen Lab, and continued: “… capable of employing his iPhone’s camera and microphone to snoop on activity in the vicinity of the device, recording his WhatsApp and Viber calls, logging messages sent in mobile chat apps, and tracking his movements.”
SEE ALSO: At least 10 million Android devices may be infected by Chinese malware HummingBad
NSO Chief Executive Shalev Hulio told Reuters that NSO’s agreements with government agencies upon selling their products requires that they be used lawfully. He added: “Specifically, the products may only be used for the prevention and investigation of crimes.”
He had no further comment about whether the fact that the tools were used against Mansoor and another person, a Mexican journalist, would make them stop sales in those countries.
Software traced back to an Israeli company's 'anti-terror' software. All too often an excuse for targeting HRDs. https://t.co/We7WlIQtrk
— Jacob Burns (@JacobTBurns) August 25, 2016
Apple was alerted to the security flaw a week and a half ago, reports Reuters, and Apple spokesman Fred Sainz confirmed a patch has been issued.
“The attack on Mansoor is further evidence that ‘lawful intercept’ spyware has significant abuse potential, and that some governments cannot resist the temptation to use such tools against political opponents, journalists, and human rights defenders,” said Citizen Lab.
“Our findings also highlight the conitnuing lack of effective human rights policies and due diligence at spyware companies, and the continuing lack of incentives to address abuses of ‘lawful intercept’ spyware.”
READ MORE
- The criticality of endpoint management in cybersecurity and operations
- Ethical AI: The renewed importance of safeguarding data and customer privacy in Generative AI applications
- How Japan balances AI-driven opportunities with cybersecurity needs
- Deploying SASE: Benchmarking your approach
- Insurance everywhere all at once: the digital transformation of the APAC insurance industry