Apple issues urgent iPhone software update after attempted hack with most sophisticated spyware ever seen
Apple has issued a global upgrade of its iOS mobile operating system after a botched attempt to break into the iPhone of an Arab activist using hitherto unknown espionage software.
The spyware took advantage of three previously undisclosed weaknesses in iOS to take complete control of iPhone devices.
An Apple spokesperson said: “We were made aware of this vulnerability and immediately fixed it with iOS 9.3.5. We advise all of our customers to always download the latest version of iOS to protect themselves against potential security exploits.”
San Francisco-based Lookout smartphone security company and internet watchdog group Citizen Lab both suspect the NSO Group, an Israeli company, as the author of the spyware.
“The threat actor has never been caught before,” said Mike Murray, a researcher with Lookout, describing the program as “the most sophisticated spyware package we have seen in the market.”
The reports issued by Lookout and Citizen Lab – based at the University of Toronto’s Munk School of Global Affairs – outlined how an iPhone could be completely compromised with the tap of a finger, a trick so coveted in the world of cyber espionage that in November a spyware broker said it had paid a $1 million dollar bounty to programmers who’d found a way to do it.
Such a compromise would give hackers full control over the phone, allowing them to eavesdrop on calls, harvest messages, activate cameras and microphones and drain the device of its personal data.
Arie van Deursen, a professor of software engineering at Delft University of Technology in the Netherlands, said both reports were credible and disturbing. Forensics expert Jonathan Zdziarski described the malicious program as a “serious piece of spyware.”
The security hole may have gone unpatched had it not been for the wariness of human rights activist Ahmed Mansoor in the United Arab Emirates.
Citizen Lab researcher Bill Marczak, who’d already been looking into the NSO Group, said he and fellow researcher John Scott-Railton turned to Lookout for help picking apart the malicious program, a process which Murray compared to “defusing a bomb.”
“It is amazing the level they’ve gone through to avoid detection,” he said of the software’s makers. “They have a hair-trigger self-destruct.”
Working feverishly over a two-week period, the researchers found that Mansoor had been targeted by an unusually sophisticated piece of software.
In a statement which did not say the spyware was its own, the NSO Group said its mission was to provide “authorized governments with technology that helps them combat terror and crime.”
The company said it had no knowledge of any particular incidents. It said it would not make any further comment.