Serious iOS Vulnerability Discovered

A zero-day vulnerability in iOS was exploited to attack a human rights activist

Apple has released a critical security patch for iOS with the 9.3.5 update. Users are advised to update their iOS devices immediately.

The security update patches a zero-day vulnerability in iOS that was reportedly used by the UAE government to attack award-winning human rights activist Ahmed Mansoor.

According to reports, the UAE government was using a spyware tool called Pegasus to attack Mansoor. Pegasus is developed and sold by Israel-based cyberarms dealer NSO Group. NSO Group is owned by a US private equity firm, Francisco Partners Management, and sells spyware to governments.

Mansoor grew suspicious when he received a text message about detainees being tortured in the UAE, according to a Citizen Lab blog post. The text included a link that was said to divulge secrets about the detainees. Instead of opening the link, Mansoor sent it to researchers at Citizen Lab, who connected it to the NSO Group.

Citizen Lab collaborated with Lookout Security to investigate the case and found a series of zero-day exploits in iOS. They discovered that clicking on those links would remotely jailbreak Mansoor’s iPhone and install spyware on it. “Once infected, Mansoor’s phone would have become a digital spy in his pocket, capable of employing his iPhone’s camera and microphone to snoop on activity in the vicinity of the device, recording his WhatsApp and Viber calls, logging messages sent in mobile chat apps, and tracking his movements,” researchers wrote in the blog.

Citizen Lab and Lookout Security worked with Apple to fix the vulnerability.


“iOS vulnerabilities are expensive and can sell for over $1M,” wrote security expert Bruce Schneier in his blog. Finding such vulnerabilities and patching them renders them useless. According to Schneier, “The more we can do this, the less valuable these zero-days will be to both criminals and governments -- and to criminal governments.”

08/31/2016
