13

iPhones of multiple Al Jazeera journalists hit by a zero-click hack

 3 years ago
source link: https://www.neowin.net/news/iphones-of-multiple-al-jazeera-journalists-hit-by-a-zero-click-hack
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client
iPhones of multiple Al Jazeera journalists hit by a zero-click hack
1604219675_iphone_12_notch_story.jpg

According to The Guardian, many journalists using iPhones with iOS versions lower than 14, have been targeted in a digital espionage campaign. Using a vulnerability present in iMessage, operators using an NSO Group software (nicknamed Kismet), were able to hack into the iPhones of 37 journalists leaving their passwords, microphone input, and photos at risk.

The report, which came out of Citizen Lab at the University of Toronto links four operators to the United Arab Emirates (U.A.E.) and Saudi Arabia. Moreover, out of the 37 targeted journalists, most are from the Qatari state-owned news channel Al Jazeera. The motivation for the hack isn't entirely clear at this point, but some journalists believe that their work on certain controversial topics in these countries could be the reason.

The hack was first discovered when a renowned investigative journalist for Al Jazeera's Arabic network, Tamer Almisshal, became concerned that his phone had been compromised. He then turned to Citizen Lab for assistance. After monitoring the journalist's phone, Citizen Lab reported that the attack was based on a zero-click strategy, meaning that one would not have had to click any malicious links to be targeted. "...his phone had connected to an NSO server after it was infected with an apparent malicious code delivered through Apple’s servers. Seconds later, researchers found technical evidence that Almisshal’s phone had been infiltrated," the Guardian wrote.

Due to the zero-click nature of the attack, it was hard to detect and left behind few traces. The Israeli cyber intelligence and security firm, NSO Group, said it wasn’t familiar with Citizen Lab’s claims and affirmed that it does not have access to the targets’ data. Apple later gave out a statement stating that the attack was "highly targeted", and that it could not verify Citizen Lab's report. The Cupertino firm reaffirmed its recommendation of installing the latest version of iOS since the hack does not appear to work on iOS 14.

Source: The Guardian


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK