
iPhone users urged to update after 'unprecedented' spyware found

By James Walker     Aug 26, 2016 in Technology
Apple has released a critical security update for iOS that contains patches for three of the most serious flaws ever discovered in the software. A successful exploit has been found in the wild, giving hackers complete access from a single text message.
The story was first reported by Motherboard yesterday. On August 10, 46-year-old human rights activist Ahmed Mansoor, from the United Arab Emirates, received a text message on his iPhone. It read "New secrets about torture of Emiratis in state prisons" and included a link, evidently designed to grab the attention of the activist.
Mansoor didn't recognise the sender's number and the message and link looked highly suspicious. Vigilant about security, he sent the message straight to Bill Marczak, a researcher at digital rights watchdog Citizen Lab, of the University of Toronto's Munk School of Global Affairs. Over the next few days, Marczak uncovered one of the most sophisticated iOS exploits ever developed.
Had Mansoor tapped the link, a highly complex piece of malware would have been downloaded to his phone. It exploited three vulnerabilities in iOS that would have given the attackers complete control of his device. Before its discovery, none of the three flaws were known to security researchers or Apple. A hacker could gain full control of an iPhone from a single text message.
The attack is an unprecedented discovery. iOS is usually viewed as the most secure mobile platform, and it has never been affected by such a serious exploit in the past. The existence of the malware proves that no software is flawless, however. It is speculated that the tools needed to create the malware may have cost as much as one million dollars.
"We realised that we were looking at something that no one had ever seen in the wild before," Mike Murray, vice president of research at mobile security firm Lookout said to Motherboard. "Literally a click on a link to jailbreak an iPhone in one step. One of the most sophisticated pieces of cyberespionage software we've ever seen."
Once installed, the malware used the three vulnerabilities to effectively jailbreak the iPhone. This is a procedure commonly used by enthusiasts to install customised software. With iOS cracked open, the attackers would have placed spyware onto Mansoor's phone to follow his activities.
Citizen Lab and Lookout next proceeded to establish the identity of the attackers. It appears as though the hackers obtained both the spyware and the details on the iOS vulnerabilities from Israeli surveillance vendor NSO Group, a company that Murray describes as "basically a cyber arms dealer." It is known to have supplied sophisticated smartphone malware to governments several times since its formation in 2010. Its Pegasus iOS malware can silently infect an iPhone and steal almost any data stored on the device.
Murray transferred the text message sent to Mansoor onto a test iPhone. After clicking the link, the phone was infected with Pegasus, giving the security firm a look at exactly what the spyware is capable of. The company discovered it steals "basically all the information on your phone" and then "backdoors every communications mechanism," giving it the power to spy on everything you do online.
This insight may well have disrupted the operations of NSO Group, a company that has gained a legendary status for secrecy over the past few years. After analysing the actions of the malware delivered by the link in the text message, the researchers traced it back to a server that is known to be used by NSO Group. Its code also contains a reference to "PegasusProtocol," an obvious link to NSO's Pegasus spyware.
With Pegasus in the wild, everyone is now aware of its capabilities. Previously, unconfirmed rumours and vague descriptions of NSO Group's products were all that existed. With its spyware exposed and the unknown iOS exploits uncovered, the company will be forced to develop new techniques. However, the researchers don't expect the group to be out of action for long. It appears to have some of the most advanced mobile hackers in the world within its shady walls.
In a statement to Motherboard, NSO Group said its mission is to "help make the world a safer place by providing authorized governments with technology that helps them combat terror and crime." It said that its agreements with customers stipulate its technology can only be used "in a lawful manner" and for the "prevention and investigation of crimes."
With the malware uncovered, Citizen Lab and Lookout immediately reached out to Apple with their findings. The company responded straight away but took 10 days to develop a patch, hinting at the complexity of the exploits. The severity of the vulnerabilities is so high that Apple has now rushed a public iOS release to customers, version 9.3.5. All users are advised to install it as soon as possible. Apple declined to comment on the discovery when asked by Motherboard.
The researchers said that iOS is still the single most secure consumer device platform around. However, they warned that Apple needs to implement better compromise detection mechanisms for when exploits are developed. It's currently almost impossible for a user to detect when they're infected.
"The problem is that it takes a paranoid mentality and friends at Citizen Lab to identify whether you have malware," Dan Guido, CEO of security firm Trail of Bits, told Motherboard. If it weren't for the vigilance of Mansoor, these zero-day vulnerabilities would still be unpatched in iOS.