Our electronic devices like our smartphones are real extensions of our lives. You can find out everything about a person by analyzing their phone. The hackers understood this well.
Journalists are said to have been the victims of a large and particularly sophisticated digital spy campaign. According to a Guardian report, Citizen Lab discovered that operators were able to hack the iPhones of 37 journalists (most of Al Jazeera) using a loophole in iMessage dating back to about a year ago through the use of NSO Group software, Kismet. These zero-click attacks left no trace and reportedly allowed access to passwords, audio recordings, and even photos.
Journalists and Activists Spied on via iPhone Vulnerabilities
The exact motivations of these operators are not yet clear, but four of them appear to have origins in Saudi Arabia and the United Arab Emirates. In at least two cases, they would have acted on behalf of their government. One of the victims, Rania Dridi of Al Araby, believes she was targeted because of her talks about women’s rights and her connection to a very vocal critic of Saudi Arabia and the United Arab Emirates. Another victim is said to have even received spyware links such as those used to spy on activist Ahmed Mansoor in 2016.
The vulnerability in question does not appear to be operational on iOS 14.
Investigations are underway to shed light on this affair
NSO Group claimed to know nothing of Citizen Lab’s claims and maintained that it did not have access to the data of these targets. The publisher said it had opened an internal investigation to find the slightest “credible trace of misuse” by its customers, reaffirming that its software was designed only to prosecute criminals. Apple declared that it could not verify the work of Citizen Lab independently but considered that the attack was “highly targeted” and at the same time recalled the need to always have the latest version of it. ‘iOS.
In other words, for Citizen Lab’s statements to be true, it would mean that some countries are still abusing NSO Group tools to spy on activists and other dissidents. It also begs the question that a vulnerability like this could persist for a long time without the public knowing. It’s unclear if anyone outside of NSO Group knew of this vulnerability, or if other phones are compromised. But the damage is done and many journalists and activists are now wondering if their phones were secure, and if they still are.