Israeli Cyber Weapon Dealers Figured Out How to Hack Every iPhone

Image: Gizmodo

NSO Group, a company that sells hacking services to governments so they can spy on journalists and dissidents, exploited gaping security holes in iPhone software, according to a report byLookout Security and Citizen Lab. But don’t worry: Apple just pushed a fix.

The New York Times reports:

The NSO Group’s software can read text messages and emails and track calls and contacts. It can even record sounds, collect passwords and trace the whereabouts of the phone user.

Advertisement

This is about as bad as it gets. Apple released a patch yesterday to fix these massive security problems, and you should download it immediately.

Lookout security researcher Mike Murray explained the scary exploit in an interview with Motherboard. “We realized that we were looking at something that no one had ever seen in the wild before,” Murray said. “Literally a click on a link to jailbreak an iPhone in one step. One of the most sophisticated pieces of cyberespionage software we’ve ever seen.”

Screenshot from a leaked NSO manual via Citizen Lab.
Advertisement

This level of sophistication in malware has never been seen before, and it was used to target human rights activist Ahmed Mansoor, according to Citizen Lab. Mansoor, who has been the target of surveillance since 2011, discovered the malware when he was sent a suspicious link via claiming to have more details on people being tortured in the United Arab Emirates. The link would have actually installed the sophisticated malware on Mansoor’s phone.

Companies that hack tech products to conduct surveillance aren’t new, but a weapon that can completely takeover a supposedly secure device like the iPhone is remarkable. Anything can be hacked, of course, and companies like Apple will always be playing catch up when it comes to locking down their devices from well funded hackers like NSO. But for now, you should definitely update your iPhone.

Advertisement

[Citizen Lab]

Share This Story

About the author

William Turton

Staff Writer, Gizmodo | Send me tips: william.turton@gizmodo.com

TwitterPosts
PGP Fingerprint: 88DF AB75 FAFC 1D10 4C45 A875 CA45 ABE6 B08D 8E52PGP Key
OTR Fingerprint: 47F02E79 399AB8FA CC2A4DEF 4573B25F 18AB41D2