A security flaw used to target Egyptian human rights activist got fixed by Apple

Recently researchers had discovered that a UAE dissident’s smartphone had been targeted with a hacking method that was previously not known. To fix this serious security flaw in iPhones/iPads, Apple released a security patch on Thursday.

The attack was made on the phone of Ahmed Mansoor, an Egyptian human rights activist. A text message invited the activist to click on a web link. Instead of the link being clicked, the message was sent to researchers at the University of Toronto’s Citizen Lab.

Even the latest iPhone 6 can be affected by the hack. Working with the security company Lookout, the Citizen Lab experts found that the link led to a program that took advantage of three flaws that were not known to Apple Inc. or others.

In this regard, the Citizen Lab reported on Thursday, “Once infected, Mansoor’s phone would have become a digital spy in his pocket, capable of employing his iPhone’s camera and microphone to snoop on activity in the vicinity of the device, recording his WhatsApp and Viber calls, logging messages sent in mobile chat apps, and tracking his movements”. Moreover, the experts said that Apple was alerted about a week and a half ago and the company worked out a security patch and distributed it as an automatic update to iPhone 6 users to fix the issue. Apple Inc. had released the patch only after the researchers contacted them, said Apple spokesman Fred Sainz.

According to the Citizen Lab, the hacking software was made by a private seller of monitoring systems, NSO Group, an Israeli company that makes software for governments that can attack phones to gather private information secretly. Hacking software like that described above costs about $1 million.

Mr. Shalev Hulio, NSO Group CEO, referred questions to spokesman Zamir Dahbash, who said that the company “cannot confirm the specific cases” claimed in the reports of Citizen Lab and Lookout. Dahbash added that NSO sells software within the export laws to government agencies, which then run the software. He further said, “The agreements signed with the company’s customers require that the company’s products only be used in a lawful manner,” and added, “Specifically, the products may only be used for the prevention and investigation of crimes.”

Some follow-up questions were not answered by Dahbash, including whether exposure of the software used against Mansoor and a Mexican journalist would end any further sales to those countries.

Despite the sale of a majority stake in NSO for $120 million to California private equity firm Francisco Partners in 2014, the company has a low profile in the world of security. Dipanjan Deb, CEO of Francisco Partners, did not respond to a call on Thursday. NSO had started calling itself “Q” and was looking for a buyer for close to $1 billion, according to a report published by Reuters in November 2015.

Moreover, according to a senior legal adviser to Citizen Lab, Sarah McKune, Israel tries to adopt the strictures of the Wassenaar Arrangement, which puts controls on the international sale of nuclear and chemical weapons technology and even the latest cyber intrusion tools. NSO may need to apply for an export license, she added, saying that raised questions about “what consideration was given to the human rights record of UAE”.

In Washington, the Israeli embassy did not reply to an email seeking comment. NSO marketing material also says that it has potential for Android and BlackBerry devices. No version of the software has been exposed yet, which indicates that it is still effective. Citizen Lab did not directly accuse the UAE of attacking Mansoor’s phone with the NSO gear called ‘Pegasus’; however, it did declare that other NSO attacks on critics of the regime had connections with the government.

Moreover, it said that a Mexican journalist and a minority party politician in Kenya had also been attacked with an NSO tool, and that domain names established for other attacks referred to entities from different nations including Turkey, Uzbekistan, Thailand and Saudi Arabia, suggesting that the other targets lived in those countries.

For these reasons, the market for “lawful intercept,” or government hacking software, has come under increased examination with revelations about authoritarian customers and victims who did not commit crimes. Two popular vendors, UK’s Gamma Group and Italy’s Hacking Team, have had their wares exposed by researchers, hackers and even cyber-terrorists. Moreover, Citizen Lab stated that software from both of those companies targeted Mansoor’s phone previously. In this regard, one of the Citizen Lab researchers, John Scott-Railton, said, “I can’t think of a more compelling case of serial misuse of lawful intercept malware than the targeting of Mansoor”.

About Haider Khan

I'm an Independent Cyber Security Researcher, a geek who loves Cyber Security and Technology.