After an attempt to break into an Arab activist’s iPhone with unknown espionage software was recorded, Apple issued a global upgrade of its mobile OS. The spyware exploited 3 previously undisclosed flaws in the iPhone to take complete control of the mobile device.
An Arab activist opened his iPhone 6 and spotted 2 suspicious text messages offering new information about dissidents being held and tortured in the UAE; each, of course, contained a link to a website for more details. Instead of clicking the links, he forwarded the messages to security researchers, who found a very sophisticated piece of spyware that could jailbreak the person’s iPhone and take complete control of the operating system, bypassing any of Apple’s security controls.
The researchers found that the technique used 3 separate “zero-day exploits” that had never before been encountered by security researchers. The first exploited a flaw in Safari, making the device launch a browser session. The second exploit located the iOS kernel, and the third replaced it, becoming a part of the system. From that point, attackers could spy on virtually anything the phone owner did, including calls, text messages and any communication apps, and could scan the calendar and steal any personal information.
Apple fixed the vulnerability immediately after learning about it, while the security experts traced the attackers to a private Israeli security firm called NSO Group, a developer of the surveillance software Pegasus. The firm didn’t acknowledge that the spyware was its own, but said that its mission was to provide national governments with technology that helps them combat terror and crime.