A new zero-day vulnerability in the iOS devices went under exploit for targeting Al-Jazeera journalists. The latest iOS, though, fixes this vulnerability, the older devices still remain exploitable.
Zero-Click iOS Zero-Day To Spy On Journalists
A team of academic researchers from the University of Toronto has found a vulnerability that even went under attack. The attackers exploited the vulnerability to target 36 journalists, anchors, producers, and executives from Al-Jazeera, along with a journalist of Al-Araby TV.
As explained in the Citizen Lab’s report, Israel’s spyware firm NSO Group developed KISMET that exploited the bug and hacked iPhones.
The incident caught the attention of the Citizen’s Labs when they noticed the use of this tool for targeting the 36 officials during July and August 2020.
Investigating the matter further revealed that the attacks went on at least since October 2019.
The NSO Group, according to the researchers, sold the hacking tool to buyers from Saudi Arabia and the UAE. These buyers linked back to two organizations identified as Sneaky Kestrel and Monarchy.
Specifically, the vulnerability existed in the iMessage app and required no user interaction for exploitation. It affected the iOS devices running on iOS 13.5.1 and later. That means it affected all devices including the latest iPhone 11.
Israel’s NSO Group is known for providing surveillance tools to law enforcement agencies and governments. It’s stealthy malware Pegasus is a popular spyware that spies on the target without being caught or detected.
With the release of iOS 14, Apple patched this vulnerability. However, it’s also investigating the matter regarding the exploitation of the zero-day.
It’s speculated that the buyers would have used the exploit for political gains. Nonetheless, this lacks any concrete evidence.
Anyhow, users must update their devices to iOS 14 at the earliest, as per the researchers’ advice.
We have seen no evidence that the KISMET exploit still functions on iOS 14 and above, although we are basing our observations on a finite sample of observed devices. Apple made many new security improvements with iOS 14 and we suspect that these changes blocked the exploit. Although we believe that NSO Group is constantly working to develop new vectors of infection, if you own an Apple iOS device, you should immediately update to iOS 14.
Let us know your thoughts in the comments.