iPhones belonging to as many as 36 Al-Jazeera journalists were infected by malware earlier this year, according to a Citizen Lab research released on Sunday, December 20. About three dozen Al-Jazeera journalists were targeted to silent malware attacks that appeared to exploit a vulnerability in Apple?s iOS (pre-iOS 14), leaving journalists? iPhones open to snooping, researchers at Citizen Lab have claimed. It has identified 36 personal phones inside Al-Jazeera that were hacked in four distinct ?clusters?, which the researchers attributed to NSO Group operators.
Details of the report state that one operator (codenamed Monarchy) allegedly spied on 18 phones, which may have been done on behalf of the Saudi government. Another operator (codename Sneaky Kestrel), who allegedly spied on 15 iPhones, may have acted on behalf of the UAE government. They also suggest that it may have been done as coordinated efforts. The report further claims that the malware deployed on the journalists? iPhones was most likely created by the NSO Group, an Israeli firm that makes spyware. The NSO was in news last year over cyber attacks on 1,400 people that deployed the infamous Pegasus spyware on targets via WhatsApp Messenger. In this attack, the malware is said to have deployed ?zero-click? tactic, an increasingly common tool in spyware services.
The malicious code used by NSO Group?s client, according to researchers at Citizen, potentially made almost all iPhones running on iOS versions prior to iOS 14. Citizen Lab researcher Bill Marczak explained in a post that the infected devices contained ?anomalous communications? with Apple servers. In particular, it appears that the spyware exploited the ?imagent? background process on iOS, which handles push notifications on FaceTime and iMessages.
The malware could record audio and also extract audio from encrypted voice calls. It could also take pictures, track device location and access passwords. The zero-day vulnerability has been fixed with iOS 14, but for older iPhones, this still remains a major security breach. In response to the report, Apple said the attack was “highly targeted by nation states” against specific individuals. “We always urge customers to download the latest version of the software to protect themselves and their data,” the company was quoted by Forbes as saying. Apple also said it could not independently verify Citizen Lab’s analysis.
NSO Group, which has now added this case to the long list of alleged human rights violation involving the company?s software on behalf of its clients, said in a response that it has no information about the individuals that its software is used to conduct surveillance on. It says that its products enable law enforcement agencies to tackle organised crime and counter-terrorism. ?However, when we receive credible evidence of misuse, combined with the basic identifiers of the alleged targets and timeframes, we take all necessary steps in accordance with our product misuse investigation procedure to review the allegations,” a spokesperson from the Israeli-based company was quoted by The Guardian as saying.
Read all the Latest News, Breaking News and Coronavirus News here
Comments
0 comment