This is the first time that anyone has uncovered such an attack in the wild. Until this month, no one had seen an attempted spyware infection leveraging three unknown bugs, or zero-days, in the iPhone. The tools and technology needed for such an attack, which is essentially a remote jailbreak of the iPhone, can be worth as much as one million dollars. After the researchers alerted Apple, the company worked quickly to fix them in an update released on Thursday.
The question is, who was behind the attack and what did they use to pull it off?
It appears that the company that provided the spyware and the zero-day exploits to the hackers targeting Mansoor is a little-known Israeli surveillance vendor called NSO Group, which Lookout’s vice president of research Mike Murray labeled as “basically a cyber arms dealer.”
- Government Hackers Caught Using Unprecedented iPhone Spy Tool (macstories.net)
- Government caught using sophisticated one-click hacking tool in the wild (bgr.com)
- Apple patches iOS security flaws found in spyware targeting activist (computerworld.co.nz)
- Apple patches iOS security flaws found in spyware targeting activist (pcworld.com)
- Cyber Arms Dealer Caught Using Three iOS Zero-Day Flaws to Spy on Dissidents (wccftech.com)
- PSA: Update Your iPad to iOS 9.3.5 Immediately (laptopmag.com)
- Apple issues emergency patch to counter spyware with remote access capability (dnaindia.com)
- Apple releases security update after spyware discovered in UAE (stv.tv)
- Spyware Sold to Governments Behind Recent iOS Zero-Days (news.softpedia.com)
- Apple plugs three actively exploited iOS zero-days (helpnetsecurity.com)