State actors hacked iPhones of dozens of Al Jazeera journalists using Israeli spyware
The spyware exploited an iMessage vulnerability in iOS
Cyber actors thought to be linked to the United Arab Emirates (UAE) and Saudi Arabia compromised iPhones of dozens of journalists of the Al Jazeera news network as part of a cyber espionage campaign to steal sensitive information from the devices.
That ' s according to the researchers from Citizen Lab at the University of Toronto, who claim that the hackers most likely used NSO Group ' s Pegasus spyware to exploit an iMessage vulnerability in versions of the Apple iOS operating system pre-dating iOS 14.
A detailed analysis of the attack revealed that in July and August, at least four operatives used NSO's spyware to hack 36 personal phones of Al Jazeera journalists, producers, anchors and executives. One of those operatives, likely linked with the Saudi government, hacked 18 phones, while another operative, with ties to the UAE government, spied on 15 phones.
According to researchers, the malware enabled the hackers to access passwords, take pictures, trace device location and record audio from the iPhones' microphone. The attack appears to have relied on a "zero click" technology, meaning that the target device was compromised without the victims required to click on a link with malicious code.
"The zero-click techniques used against Al Jazeera staff were sophisticated, difficult to detect, and largely focused on the personal devices of reporters," the report said.
In a statement to the Guardian, Apple said that it could not independently verify Citizen Lab ' s research, but acknowledged that the cyber attack was "highly targeted".
The company urged people to install the latest version of iOS to protect their data from cyber attacks.
The new allegation against NSO Group marks the latest in a series of alleged cyber-espionage campaigns involving the company ' s spyware.
Last year, it was alleged NSO Group spyware was used to spy on a large number of users of the social messaging app WhatsApp.
The researchers who discovered that security incident said the attackers only needed to ring targets' phones to install the Pegasus surveillance tool, with the spyware installed even if users didn't respond to the attacker's call. Moreover, such calls disappeared from the call logs after some time.
In October 2019, Facebook filed a lawsuit against NSO Group, claiming that it had taken advantage of vulnerabilities in WhatsApp messaging software to propagate spyware.
And earlier this year, the social media company stated in a court filing that the Israeli firm had used a server run by QuadraNet, a Los Angeles-based hosting provider, to direct NSO's Pegasus spyware at numerous devices using WhatsApp software.
NSO spyware was also implicated in the surveillance by Saudi agents of journalist Jamal Khashoggi, who was later murdered.
NSO Group has repeatedly rejected claims of abuse, stating that it develops tools that are used by law enforcement agencies and government to intercept terrorist activities and to counter crime operations.
The company also claims that it sells tools only to responsible countries after detailed screening and following Israeli government approval.
"As we have repeatedly stated we do not have access to any information with respect to the identities of individuals our system is used to conduct surveillance on," the company said.
"However, where we receive credible evidence of misuse, combined with the basic identifiers of the alleged targets and timeframes, we take all necessary steps in accordance with our product misuse investigation procedure to review the allegations."